[英]ASP.NET Framework 4.8 / 4.7 connected with external SSO by OpenId Connect with Authorization Code Grant flow, returns 404 on /signin-oidc
我正在尝试使用带有授权代码授予请求的 OpenIDConnect/Oauth 将外部 SSO 提供程序 (FusionAuth) 设置为 ASP.NET Framework 4.8 项目。
当带有授权代码的响应来自 sso 服务器时, /signin-oidc端点不可用。
我在类似的帖子中发现,中间件可能未完全配置,需要将app.UseAuthentication()添加到Startup.cs ,但我不确定如何在 Framework 4.8 上执行此操作
看起来挑战计划没有开启。
这是我的启动 class。安装了Microsoft.Owin.Host.SystemWeb和其他依赖项。
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;
[assembly: OwinStartup(typeof(WebApplication6_Framework.Startup))]
namespace WebApplication6_Framework
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
CookieName = "MyCookies",
AuthenticationType = CookieAuthenticationDefaults.AuthenticationType
});
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
Authority = "<authority>",
ClientId = "<client_id>",
ClientSecret = "<client_secren>",
RedirectUri = "https://localhost:44309/signin-oidc",
SignInAsAuthenticationType = "Cookies",
PostLogoutRedirectUri = "https://localhost:44309",
Scope = OpenIdConnectScope.OpenIdProfile,
ResponseType = "code", // OpenIdConnectResponseType.Code,
TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = false // For test
},
RequireHttpsMetadata = false
}
);
}
}
}
404 当我来自 SSO 服务器时,我的应用程序在/signin-oidc端点上有授权码。
Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /signin-oidc
在 controller 上使用 [Autorize] 属性并使用登录 controller 中的代码尝试了两者:
public void SignIn()
{
if (!Request.IsAuthenticated)
{
HttpContext.GetOwinContext().Authentication.Challenge(
new AuthenticationProperties { RedirectUri = "https://localhost:44309/signin-oidc" },
OpenIdConnectAuthenticationDefaults.AuthenticationType);
}
}
在 ASP.NET 6 项目中使用相同的设置,一切正常。
在此先感谢您的帮助。
更新:
相同问题但针对之前框架版本的参考:
ASP.NET MVC 未处理 OpenIdConnect signin-oidc 路由
这一切对我来说都不起作用,但它是解决问题原因的一个很好的切入点。
如何处理/修改 asp.net 核心外部登录的传出身份验证 cookie(作为 /signin-oidc 重定向的一部分生成)?
[英]How can one handle/modify the outgoing authentication cookie (generated as part of the /signin-oidc redirect) for asp.net core external login?
ASP.NET 使用外部 OpenID Connect 提供程序进行核心认证/授权
[英]ASP.NET Core authentication/authorization with external OpenID Connect provider
Asp.net 4.8 WebForms授权使用Owin OpenId Connect Authentication (app.UseOpenIdConnectAuthentication)
[英]Asp.net 4.8 WebForms authorization using Owin OpenId Connect Authentication (app.UseOpenIdConnectAuthentication)
ASP.NET Web API 和 OpenID Connect:如何从授权码获取访问令牌
[英]ASP.NET Web API and OpenID Connect: how to get Access Token from Authorization Code
如何使用OpenID Connect和ASP.NET在第一方应用程序中实现SSO?
[英]How to implement SSO among 1st-party apps with OpenID Connect and ASP.NET?
如何在 UWP 桌面应用程序中使用 oauth2 授权代码授予流程登录
[英]how to signin using oauth2 authorization Code Grant flow in UWP Desktop app
将 ASP.NET 核心 Web API 的 OAuth 授权从隐式更改为 Auth-Code 授权
[英]Change ASP.NET Core Web API's OAuth Authorization from Implicit to Auth-Code Grant
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.