[英]ASP.NET Core Web Api controller end points are all returning 404 error
[英]ASP.NET Core 6 OAuth2 Logout - returning 404 error
我正在嘗試為 ASP.NET Core 6.0 MVC 應用程序實現注銷功能(Web API 不是一個單獨的項目)。
但是,當我嘗試注銷應用程序時,出現 404 Bad Request - 錯誤:
'post_logout_redirect_uri' 參數必須是客戶端應用程序設置中的注銷重定向 URI
這是program.cs
:
appBuilder.Services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
{
options.ExpireTimeSpan = TimeSpan.FromMinutes(10);
options.SlidingExpiration = true;
})
.AddOpenIdConnect(options =>
{
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.Authority = config.GetValue<string>("Okta:Domain");
options.ClientId = config.GetValue<string>("Okta:ClientId");
options.ClientSecret = config.GetValue<string>("Okta:ClientSecret");
options.GetClaimsFromUserInfoEndpoint = true;
options.ResponseType = OpenIdConnectResponseType.Code;
options.UseTokenLifetime = true;
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email");
options.SaveTokens = true;
options.UseTokenLifetime = true;
options.RequireHttpsMetadata = true;
options.CallbackPath = "/signin-oidc";
options.SignedOutRedirectUri = "/Home/Logout";
if (config.GetValue<string>("env") != "localhost")
{
var proxyUri = new WebProxy(new Uri(config["ProxyURL"]), BypassOnLocal: false);
var proxyHttpClientHandler = new HttpClientHandler
{
Proxy = proxyUri,
UseProxy = true,
SslProtocols = System.Security.Authentication.SslProtocols.Tls | System.Security.Authentication.SslProtocols.Tls11 | System.Security.Authentication.SslProtocols.Tls12
};
var httpClient = new HttpClient(proxyHttpClientHandler)
{
Timeout = TimeSpan.FromMinutes(10)
};
options.BackchannelHttpHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true,
Proxy = proxyHttpClientHandler.Proxy,
};
}
options.Events = new OpenIdConnectEvents
{
OnRedirectToIdentityProvider = async ctx =>
{
ctx.ProtocolMessage.RedirectUri = config.GetValue<string>("Okta:RedirectUri");
await Task.FromResult(0);
},
OnRedirectToIdentityProviderForSignOut = async ctx =>
{
ctx.ProtocolMessage.PostLogoutRedirectUri = config.GetValue<string>("Okta:PostLogoutRedirectUri");
await Task.CompletedTask;
},
OnUserInformationReceived = async context =>
{
string rAccessToken = context.ProtocolMessage.AccessToken;
string rIdToken = context.ProtocolMessage.IdToken;
var handler = new JwtSecurityTokenHandler();
var accessToken = handler.ReadJwtToken(rAccessToken);
var idToken = handler.ReadJwtToken(rIdToken);
},
OnTicketReceived = async context =>
{
},
OnAuthenticationFailed = async context =>
{
},
OnSignedOutCallbackRedirect = async context =>
{
}
};
});
appBuilder.Services.AddAuthorization();
appsettings.json
:
"Okta": {
"ClientId": "123Ac0n28iK9MH3Oc297",
"ClientSecret": "325twLwoWrgBY6ep-Imgsrg43_12cIo6jA993j2VU",
"Domain": "https://login-bb.zzz/oauth2/default",
"PostLogoutRedirectUri": "https://localhost:22334/signout-callback-oidc",
"RedirectUri": "https://localhost:22334/signin-oidc",
"SignOutRedirectUri": "https://localhost:22334/signout-oidc"
},
控制器:
[HttpPost]
public async Task Logout()
{
if (User.Identity.IsAuthenticated)
{
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme);
}
}
如果將PostLogoutRedirectUri
設置為 NULL,它會退出應用程序並重定向到登錄頁面。 但是,在登錄后,它不會將我帶回應用程序,而是將我重定向到 okta 主頁。
我很欣賞這方面的任何提示。
從未使用過 OKTA API,但出於好奇並查看了 API 文檔。 據我所見,您的 appsettings.json 的命名法可能不正確。 您有“PostLogoutRedirectUri”,API 文檔顯示將 PostLogoutRedirectUri 的 json 設置為“end_session_redirect_uri”
還說明了這...
如果您不指定 post_logout_redirect_uri,則瀏覽器將重定向到 Okta 登錄頁面
如果 API 端點正在尋找“end_session_redirect_uri”但沒有得到它,則可能它會將其視為未在上述引述中指定。
向下滾動到...“定義注銷回調”部分。
就像我上面說的,從未使用過 Okta 只是對此感到好奇。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.