[英]Why is this CORS policy not working ASP.NET Core
I've been trying to set up Discord Oauth2 token authentication on an ASP.NET Core 2.2 / Angular 7 project and it has been quite a bumpy ride. 我一直在尝试在ASP.NET Core 2.2 / Angular 7项目上设置Discord Oauth2令牌认证,这是一个相当坎bump的过程。
I really can't seem to find any examples that give more than a fraction of the explanation required to set this all up. 我似乎真的找不到任何示例,这些示例所提供的解释仅占全部内容的一部分。 The error I'm currently battling with is the following:
我当前正在处理的错误如下:
Access to XMLHttpRequest at 'https://discordapp.com/oauth2/authorize?client_id=<removed>&scope=identify&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2Fsignin-discord&state=<removed>'
(redirected from 'http://localhost:5000/api/v1/Authentication/SignIn') from origin 'http://localhost:5000' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource
For context, here is some of my code: 对于上下文,这是我的一些代码:
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy("AllowAll",
builder => builder.WithOrigins("http://localhost:5000").AllowAnyHeader());
});
...
services.AddAuthentication(options =>
{
options.DefaultScheme = DiscordAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = DiscordAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}).AddCookie(options =>
{
options.LoginPath = "/login";
options.LogoutPath = "/signout";
options.ExpireTimeSpan = TimeSpan.FromMinutes(10);
options.SlidingExpiration = true;
})
.AddDiscord(options =>
{
options.ClientId = "<removed>";
options.ClientSecret = "<removed>";
options.Scope.Add("identify");
});
...
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
...
app.UseCors("AllowAll");
...
}
// in AuthenticationController.cs
public class AuthenticationController : Controller
{
[HttpPost("[action]")]
public IActionResult SignIn()
{
return Challenge(new AuthenticationProperties {RedirectUri = "http://localhost:5000"});
}
...
}
I tried all of these combinations of services.addCors()
and app.UseCors()
to no avail 我尝试了所有这些
services.addCors()
和app.UseCors()
组合都无济于事
services.AddCors();
app.UseCors(builder =>
builder.WithOrigins("http://localhost:5000").AllowAnyHeader());
services.AddCors();
app.UseCors(builder =>
builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader());
and everything inbetween. 以及两者之间的一切。 The error does not change no matter what I do with cors.
无论我对cors做什么,该错误都不会改变。 Also, yes I have the
Microsoft.AspNetCore.Cors
nu-get package installed. 另外,是的,我安装了
Microsoft.AspNetCore.Cors
nu-get软件包。 Yes, app.UseCors()
is called before app.useMvc
是的,在
app.useMvc
之前调用了app.UseCors()
Any other ideas? 还有其他想法吗?
I experienced a similar issue today but figured it out later. 我今天遇到了类似的问题,但后来发现了。 Make sure you are using the same versions of net core.
确保您使用的是相同版本的网络核心。 I happened to be using both 2.1 and 2.2 packages.
我碰巧同时使用了2.1和2.2软件包。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.