ASP.NET Owin OAuth (Google / Facebook) 正在重定向到远程登录页面的默认 login.aspx insead
[英]ASP.NET Owin OAuth (Google / Facebook) is redirecting to default login.aspx insead of remote log in page
问题描述
I'm setting up OAuth using the Owin libraries including Google and Facebook.
我正在使用 Owin 库(包括 Google 和 Facebook)设置 OAuth。
The Owin startup class is registering fine by the looks of it.从外观上看,Owin 启动类注册得很好。 What I'm finding is that rather than being redirected to the appropriate sign in page at Facebook or Google, I'm being redirected to a default 'login.aspx' page.我发现不是被重定向到 Facebook 或 Google 的适当登录页面,而是被重定向到默认的“login.aspx”页面。 There is no login.aspx page in my solution.我的解决方案中没有 login.aspx 页面。
The flow is triggered in a view like so:流在视图中触发,如下所示:
@{
// Get list of configured external authentication middleware
var loginProviders = Context.GetOwinContext().Authentication.GetExternalAuthenticationTypes();
if (!loginProviders.Any())
{
<div>
<p>There are no external authentication services configured</p>
</div>
}
else
{
using (Html.BeginForm("ExternalLogin", "OAuth"))
{
@Html.AntiForgeryToken()
<div>
<p>
@foreach (AuthenticationDescription p in loginProviders)
{
<button type="submit" class="btn btn-default" id="@p.AuthenticationType" name="provider" value="@p.AuthenticationType" title="Log in using your @p.Caption account">@p.AuthenticationType</button>
}
</p>
</div>
}
}
}
This triggers the challenge result, however the challenge result simply causes a redirect to login.aspx (which again does not exist)这会触发质询结果,但是质询结果只会导致重定向到 login.aspx(同样不存在)
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult ExternalLogin(string provider)
{
string redirectUri = Url.Action("ExternalLoginCallback");
// Request a redirect to the external login provider
return new ChallengeResult(provider, redirectUri);
}
What could I be missing?我可能会错过什么?
I've included the Startup.cs class for good measure:我已经包含了 Startup.cs 类以进行很好的衡量:
public void Configuration(IAppBuilder app)
{
app.UseCookieAuthentication(
new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseFacebookAuthentication(new FacebookAuthenticationOptions
{
AppId = Config.OAuthFacebookAppId,
AppSecret = Config.OAuthFacebookAppSecret,
Scope = { "email" }, // "email", also "publish_actions" can be included if post to facebook authorization is required
Provider = new FacebookAuthenticationProvider
{
OnAuthenticated = context =>
{
context.Identity.AddClaim(new System.Security.Claims.Claim("FacebookAccessToken", context.AccessToken));
return Task.FromResult(true);
}
}
});
app.UseGoogleAuthentication(
clientId: Config.OAuthGoogleClientId,
clientSecret: Config.OAuthGoogleClientSecret
);
}
2 个解决方案
解决方案1
3 2017-11-24 11:51:10
The key modification was to add the code:关键的修改是添加代码:
// Stop execution of the current page/method - the 401 forces OWIN to kick-in and do its thing
Response.StatusCode = 401;
Response.End();
AuthenticationProperties.RedirectUri is not passed to Google in Challenge() AuthenticationProperties.RedirectUri 不会在 Challenge() 中传递给 Google
Other issues were that the Google+ API was not enabled其他问题是未启用 Google+ API
OWIN's GetExternalLoginInfoAsync Always Returns null OWIN 的 GetExternalLoginInfoAsync 总是返回 null
... and for Facebook, an upgrade of the Owin libs to 3.1.0 was required ...对于 Facebook,需要将 Owin 库升级到 3.1.0
MVC5 Null Reference with facebook login 使用 facebook 登录的 MVC5 空引用
So full ExternalLogin method:如此完整的 ExternalLogin 方法:
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public void ExternalLogin(string provider)
{
string redirectUri = Url.Action("ExternalLoginCallback");
var properties = new AuthenticationProperties() { RedirectUri = redirectUri };
HttpContext.GetOwinContext().Authentication.Challenge(properties, provider);
// Stop execution of the current page/method - the 401 forces OWIN to kick-in and do its thing
Response.StatusCode = 401;
Response.End();
}
解决方案2
0 2021-05-17 08:48:43
The root cause of this issue (redirecting to login.aspx) is that during the process of migrating to OWIN authentication, FormsAuthentication has not actually been fully switched off so it is the result of a conflict between the two.此问题的根本原因(重定向到 login.aspx)是在迁移到 OWIN 身份验证的过程中,FormsAuthentication 实际上并未完全关闭,因此这是两者之间冲突的结果。
To fully de-activate forms authentication module and resolve this issue, you can add the following to modules section of the web.config file:要完全停用表单身份验证模块并解决此问题,您可以将以下内容添加到 web.config 文件的模块部分:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.