.net core AWS Cognito.NET核心3.1集成
一般来说,我对.NET比较陌生,我正在尝试使用AWS Cognito为我的API创建一个简单的身份验证。我一直在网上阅读指南,但似乎没有一本适合我。这是我如何配置Startup.cs的:.net core AWS Cognito.NET核心3.1集成,.net-core,amazon-cognito,.net Core,Amazon Cognito,一般来说,我对.NET比较陌生,我正在尝试使用AWS Cognito为我的API创建一个简单的身份验证。我一直在网上阅读指南,但似乎没有一本适合我。这是我如何配置Startup.cs的: public void ConfigureServices(IServiceCollection services) { services.AddMemoryCache(); services.AddControllersWithViews(); services.AddAuthenti
public void ConfigureServices(IServiceCollection services)
{
services.AddMemoryCache();
services.AddControllersWithViews();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
options.ResponseType = Configuration["Authentication:Cognito:ResponseType"];
options.MetadataAddress = Configuration["Authentication:Cognito:MetadataAddress"];
options.ClientId = Configuration["Authentication:Cognito:ClientId"];
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
我已正确填写了我的配置。当我通过[Authorize]
保护页面时,我被重定向到AWS Cognito登录,然后我被重定向到https://localhost:5001/signin-oidc?code=…
其中我在控制台中得到一个空白页和一个错误,说明:
fail: Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler[52]
Message contains error: 'invalid_client', error_description: 'error_description is null', error_uri: 'error_uri is null', status code '400'.
fail: Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler[17]
Exception occurred while processing message.
Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'error_description is null', error_uri: 'error_uri is null'.
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
fail: Microsoft.AspNetCore.Server.Kestrel[13]
Connection id "0HLTB2GSVEPB1", Request id "0HLTB2GSVEPB1:00000013": An unhandled exception was thrown by the application.
System.Exception: An error was encountered while handling the remote login.
---> Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'error_description is null', error_uri: 'error_uri is null'.
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
我已经尝试确保AWS端没有错误,并且我能够看到代码和状态被发送回应用程序。设置用户池时,您是否使用客户端密码创建了它?当池需要客户机密时,我遇到了同样的问题。@tobyb对不起,我不记得了,很久以前的事了:(