[英]Cookie Middleware without Identity ASP.NET Core v2
我試圖在不使用身份的情況下進行身份驗證。 我發現了一些文章描述了如何在其他版本中執行它,但對於ASP.NET Core 2沒有任何內容。
以下是我拼湊在一起的內容。 但是當它到達SignInAsync時會拋出異常InvalidOperationException: No authentication handler is configured to handle the scheme: MyCookieMiddlewareInstance
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddCookieAuthentication("MyCookieMiddlewareInstance", o =>
{
o.LoginPath = new PathString("/Account/Login/");
o.AccessDeniedPath = new PathString("/Account/Forbidden/");
});
services.AddAuthentication();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
app.UseAuthentication();
}
public async Task<IActionResult> Login()
{
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, "joe nobody")
};
var identity = new ClaimsIdentity(claims, "MyCookieMiddlewareInstance");
var principal = new ClaimsPrincipal(identity);
//blows up on the following statement:
//InvalidOperationException: No authentication handler is configured to handle the scheme: MyCookieMiddlewareInstance
await HttpContext.Authentication.SignInAsync("MyCookieMiddlewareInstance", principal);
return View();
}
有一個針對asp.net core v1.x的Microsoft文檔( https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie ),但是在v2中對IApplicationBuilder.UseCookieAuthentication()進行了折舊。沒有找到任何解決方案。
看起來Auth 2.0有一些重大變化( https://github.com/aspnet/Announcements/issues/232 )
設置是正確的,但我需要做兩件事:
HttpContext.SignInAsync()
( using Microsoft.AspNetCore.Authentication
)代替HttpContext.Authentication.SignInAsync()
"AuthenticationTypes.Federation"
作為身份驗證類型(注意:其他值似乎不起作用,空白將導致設置用戶名並且IsAuthenticated為false) var identity = new ClaimsIdentity(claims, "AuthenticationTypes.Federation");
以下是更正后的代碼
在Startup.cs中
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddCookieAuthentication("MyCookieMiddlewareInstance", o =>
{
o.LoginPath = new PathString("/Account/Login/");
o.AccessDeniedPath = new PathString("/Account/Forbidden/");
});
services.AddAuthentication();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
在控制器中
using Microsoft.AspNetCore.Authentication;
//...
public async Task<IActionResult> Login()
{
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, "joe nobody")
};
var identity = new ClaimsIdentity(claims, "AuthenticationTypes.Federation");
var principal = new ClaimsPrincipal(identity);
await HttpContext.SignInAsync("MyCookieMiddlewareInstance", principal);
return View();
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.