Asp.net mvc OAuth for office365 creates an infinite loop of cookies

asp.net-mvc, azure, c#-4.0, oauth, office365

I am creating a multi-tenant web app using OAuth. I created the Azure application and gave it a reply URL matching my web application's URL. The first time I tried to log in, it worked fine and redirected to my website. After that, I cleared my cookies and session. Now when I try to log in with an Office 365 account, it results in an infinite loop that creates multiple cookies. Please see the screenshot for more information. Does anyone know what could be going wrong?

Can you provide your code to better understand your problem?

I am using the code below. When I run it from localhost:24488 the same code works fine, but when I host it in Azure the code does not work. I don't know what the exact cause is.

public void SignIn()
{
    // Send an OpenID Connect sign-in request.
    if (!Request.IsAuthenticated)
    {
        HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = "/" }, OpenIdConnectAuthenticationDefaults.AuthenticationType);
    }
}

public void SignOut()
{
    // Remove all cache entries for this user and send an OpenID Connect sign-out request.
    string callbackUrl = Url.Action("SignOutCallback", "Account", routeValues: null, protocol: Request.Url.Scheme);
    HttpContext.GetOwinContext().Authentication.SignOut(
        new AuthenticationProperties { RedirectUri = callbackUrl },
        OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType);
}

public void ConfigureAuth(IAppBuilder app)
{
    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
    app.UseCookieAuthentication(new CookieAuthenticationOptions());
    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = SettingsHelper.ClientId,
            Authority = SettingsHelper.Authority,
            Notifications = new OpenIdConnectAuthenticationNotifications()
            {
                AuthorizationCodeReceived = (context) =>
                {
                    var code = context.Code;
                    ClientCredential credential = new ClientCredential(SettingsHelper.ClientId, SettingsHelper.ClientSecret);
                    String UserObjectId = context.AuthenticationTicket.Identity.FindFirst(ClaimTypes.NameIdentifier).Value;
                    AuthenticationContext authContext = new AuthenticationContext(SettingsHelper.Authority, new ADALTokenCache(UserObjectId));
                    authContext.AcquireTokenByAuthorizationCode(code, new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)), credential, SettingsHelper.AADGraphResourceId);
                    return Task.FromResult(0);
                },
                RedirectToIdentityProvider = (context) =>
                {
                    // This ensures that the address used for sign in and sign out is picked up dynamically from the request
                    // this allows you to deploy your app (to Azure Web Sites, for example) without having to change settings
                    // Remember that the base URL of the address used here must be provisioned in Azure AD beforehand.
                    string appBaseUrl = context.Request.Scheme + "://" + context.Request.Host + context.Request.PathBase;
                    context.ProtocolMessage.RedirectUri = appBaseUrl + "/";
                    context.ProtocolMessage.PostLogoutRedirectUri = appBaseUrl;
                    return Task.FromResult(0);
                },
                AuthenticationFailed = (context) =>
                {
                    // Suppress the exception if you don't want to see the error
                    context.HandleResponse();
                    return Task.FromResult(0);
                }
            }
        });
}