沒有Identity ASP.NET Core v2的Cookie中間件

Question

我試圖在不使用身份的情況下進行身份驗證。 我發現了一些文章描述了如何在其他版本中執行它，但對於ASP.NET Core 2沒有任何內容。

以下是我拼湊在一起的內容。 但是當它到達SignInAsync時會拋出異常InvalidOperationException: No authentication handler is configured to handle the scheme: MyCookieMiddlewareInstance

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc();
        services.AddCookieAuthentication("MyCookieMiddlewareInstance", o =>
        {
            o.LoginPath = new PathString("/Account/Login/");
            o.AccessDeniedPath = new PathString("/Account/Forbidden/");

        });
        services.AddAuthentication();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
        }

        app.UseStaticFiles();

        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");
        });

        app.UseAuthentication();
    }

    public async Task<IActionResult> Login()
    {

        var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, "joe nobody")
            };
        var identity = new ClaimsIdentity(claims, "MyCookieMiddlewareInstance");
        var principal = new ClaimsPrincipal(identity);

        //blows up on the following statement:
        //InvalidOperationException: No authentication handler is configured to handle the scheme: MyCookieMiddlewareInstance
        await HttpContext.Authentication.SignInAsync("MyCookieMiddlewareInstance", principal); 

        return View();
    }

有一個針對asp.net core v1.x的Microsoft文檔（ https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie ），但是在v2中對IApplicationBuilder.UseCookieAuthentication（）進行了折舊。沒有找到任何解決方案。

Answer 1

看起來Auth 2.0有一些重大變化（ https://github.com/aspnet/Announcements/issues/232 ）

設置是正確的，但我需要做兩件事：

1. 使用HttpContext.SignInAsync() （ using Microsoft.AspNetCore.Authentication ）代替HttpContext.Authentication.SignInAsync()
2. 使用"AuthenticationTypes.Federation"作為身份驗證類型（注意：其他值似乎不起作用，空白將導致設置用戶名並且IsAuthenticated為false） var identity = new ClaimsIdentity(claims, "AuthenticationTypes.Federation");

以下是更正后的代碼

在Startup.cs中

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc();
        services.AddCookieAuthentication("MyCookieMiddlewareInstance", o =>
        {
            o.LoginPath = new PathString("/Account/Login/");
            o.AccessDeniedPath = new PathString("/Account/Forbidden/");
        });
        services.AddAuthentication();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
        }

        app.UseStaticFiles();

        app.UseAuthentication();

        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");
        });
    }

在控制器中

    using Microsoft.AspNetCore.Authentication;
    //...
    public async Task<IActionResult> Login()
    {
        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.Name, "joe nobody")
        };
        var identity = new ClaimsIdentity(claims, "AuthenticationTypes.Federation");
        var principal = new ClaimsPrincipal(identity);
        await HttpContext.SignInAsync("MyCookieMiddlewareInstance", principal);

        return View();
    }