使用ASP.NET Core 2.1:OAuth的FacebookAuth；Facebook平台“&引用；无效的“U代码”&引用；此授权码已被使用。”；_Asp.net_Facebook_Authentication_Oauth 2.0_Asp.net Core 2.0

使用ASP.NET Core 2.1:OAuth的FacebookAuth；Facebook平台“&引用；无效的“U代码”&引用；此授权码已被使用。”；

asp.net facebook authentication oauth-2.0

使用ASP.NET Core 2.1:OAuth的FacebookAuth；Facebook平台“&引用；无效的“U代码”&引用；此授权码已被使用。”；,asp.net,facebook,authentication,oauth-2.0,asp.net-core-2.0,Asp.net,Facebook,Authentication,Oauth 2.0,Asp.net Core 2.0,我读过stackoverflow上其他框架的类似问题，但没有一个涉及如何使用ASP.NET Core 2.1解决这个问题。我假设在某个地方我需要修改库生成的访问令牌，但是我没有看到一个简单的钩子导航到标有[Authorize]的控制器/操作后，该错误会产生以下异常： Exception: OAuth token endpoint failure: Status: BadRequest;Headers: Cache- Control: no-store Connection: keep-a

我读过stackoverflow上其他框架的类似问题，但没有一个涉及如何使用ASP.NET Core 2.1解决这个问题。我假设在某个地方我需要修改库生成的访问令牌，但是我没有看到一个简单的钩子

导航到标有[Authorize]的控制器/操作后，该错误会产生以下异常：

Exception: OAuth token endpoint failure: Status: BadRequest;Headers: Cache-    Control: no-store
Connection: keep-alive
Date: Sun, 01 Jul 2018 20:26:11 GMT
Pragma: no-cache
WWW-Authenticate: OAuth "Facebook Platform" "invalid_code" "This authorization code has been used."
Strict-Transport-Security: max-age=15552000;  x-fb-trace-id: FUP+X7GzCHR
x-fb-rev: 4066065
facebook-api-version: v2.6
Access-Control-Allow-Origin: *
X-FB-Debug: 97aI6xVBbJLooeNj3qmNCw9NFifMBvYire/pA0R6dCH5BqWcJ9Vc9rJK+KWvwiNiTXV4PX5ASLbEkbCGgqtCmg==
;Body: {"error":{"message":"This authorization code has been used.","type":"OAuthException","code":100,"fbtrace_id":"FUP+X7GzCHR"}};
Unknown location
Exception: An error was encountered while handling the remote login.
Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler+<HandleRequestAsync>d__12.MoveNext()

根据要求：原始堆栈跟踪（2018年7月9日）

2018年7月12日编辑：

具有相同错误的完整示例可在以下位置找到：

我解决了您的问题。您的

帐户控制器

有问题。当您呼叫

挑战

时，用户将被重定向到facebook，并在成功登录后返回。当用户返回时，其凭证将添加

IdentityConstants.ExternalScheme

。在这里，您还需要使用

IdentityConstants.ApplicationScheme

调用

sign

。所以你需要一个回调方法来处理这个问题

这是您需要在

AccountController

[HttpGet]
public IActionResult SignIn()
{
    var redirectUrl = Url.Action(nameof(HomeController.Index), "Home");
    return Login(redirectUrl);
}

[HttpGet]
public IActionResult Login(string returnUrl)
{
    var redirectUrl = Url.Action(nameof(AccountController.LoginCallback), "Account", new { returnUrl = returnUrl });

    return Challenge(
        new AuthenticationProperties { RedirectUri = redirectUrl, }, FacebookDefaults.AuthenticationScheme);
}

[HttpGet]
public async Task<IActionResult> LoginCallback(string returnUrl)
{
    var authenticateResult = await HttpContext.AuthenticateAsync(IdentityConstants.ExternalScheme);

    await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, new System.Security.Claims.ClaimsPrincipal(authenticateResult.Ticket.Principal.Identity));

    return LocalRedirect(returnUrl);
}

[HttpGet]
公共IActionResult登录（）
{
var redirectUrl=Url.Action（nameof（HomeController.Index），“Home”）；
返回登录（重定向URL）；
}
[HttpGet]
公共IActionResult登录（字符串返回URL）
{
var redirectUrl=Url.Action（nameof（AccountController.LoginCallback），“Account”，new{returnUrl=returnUrl}）；
回击(
新的AuthenticationProperties{RedirectUri=redirectUrl，}，FacebookDefaults.AuthenticationScheme）；
}
[HttpGet]
公共异步任务LoginCallback（字符串返回URL）
{
var authenticateResult=等待HttpContext.authenticateSync（IdentityConstants.ExternalScheme）；
等待HttpContext.SignInAsync（IdentityConstants.ApplicationScheme，new System.Security.Claims.ClaimsPrincipal（authenticateResult.Ticket.Principal.Identity））；
返回LocalRedirect（returnUrl）；
}

但我强烈建议您使用用户管理器模板。

@Kahbazi我以前试过，但后来把它撕掉了，因为它不起作用，这是按照docs@Kahbazi我已将问题更新为相关信息logs@Kahbazi我没有在钩子中看到指定API版本的方法。。。这难道不意味着对由Microsoft控制的API库进行了更改吗？@Kahbazi I从Microsoft.AspNetCore.Authentication.Facebook 2.0.4“升级”到2.1.1，现在我正在使用API v2.12。。。同样的error@Kahbazi我已根据要求添加了一个示例，很抱歉花了这么长时间，我将在赏金到期后阅读赏金

[Route("[controller]/[action]")]
public class AccountController : Controller
{
    [HttpGet]
    public IActionResult SignIn()
    {
        var redirectUrl = Url.Action(nameof(HomeController.Index), "Home");
        return Challenge(
            new AuthenticationProperties { RedirectUri = redirectUrl },
            FacebookDefaults.AuthenticationScheme);
    }
    [HttpGet]

    public IActionResult Login(string returnUrl)
    {
        return Challenge(
            new AuthenticationProperties { RedirectUri = returnUrl }, FacebookDefaults.AuthenticationScheme);
    }
}

System.Exception: An error was encountered while handling the remote login. ---> System.Exception: OAuth token endpoint failure: Status: BadRequest;Headers:     Cache-Control: no-store

Connection: keep-alive

Date: Tue, 10 Jul 2018 02:07:33 GMT

Pragma: no-cache

WWW-Authenticate: OAuth "Facebook Platform" "invalid_code" "This authorization code has been used."

Strict-Transport-Security: max-age=15552000; preload

x-fb-trace-id: GGIG00tEoLq

x-fb-rev: 4083489

facebook-api-version: v2.6

Access-Control-Allow-Origin: *

X-FB-Debug: oRwbzflr375r3JhjSp0V1K1iP3+vI5m/kHUCsr5CPHwHv68Waz4eydZ8cw5cTCCT2KUo6Z8la42syKtNPuWfxQ==

;Body: {"error":{"message":"This authorization code has been used.","type":"OAuthException","code":100,"fbtrace_id":"GGIG00tEoLq"}};

   --- End of inner exception stack trace ---

   at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.<HandleRequestAsync>d__12.MoveNext()

--- End of stack trace from previous location where exception was thrown ---

   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

 at     System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.<Invoke>d__6.MoveNext()

--- End of stack trace from previous location where exception was thrown ---

   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.<Invoke>d__7.MoveNext()

2018-07-10 02:07:33 ::1 GET /signin-facebook/ code=AQACzBL6QlPjzfEBoB2L9LEbMXgdxw3KNgcBc-8fv2RGHAtfa9bGCqWZ-efFgEPv_mx1Xaphi6z0Ok6cNGDArIWiwdtIw_tB2r6EaQ7TyEsov5fajemTgYZtsgJXEOtpOo0YQmBDROIMtaKEAREsJFeN3eR3QYqEedadgSRikCB-gFVKCSalPXVQubHGzPRQHOl16u-zNNe4sJJlBX8G0LZeJ7tziCnIiexfTB_zBWvFrgjggfUPtlFV2VLWLxH55O3xD1sZxY2xFTy01P4Tb4ENAurvAh2techvnV4uDobSyrSVoylGSKEqTHdalENlqKU&state=CfDJ8Fal1oNbU75Jg6-R34J8E0YhIDy-BtCBqI_xTclwY43ARUtMiTWDmco_N7wJNTbUoHedtAe0yVBR2r9sV_sOTayIgaJEkRuqWyuO0i5Yh6vB7pbUX4krFRcwIzDbVSBGxPwBzQSOqtLPoY8KlKjmN70sooi_fQqq3OIcFynOe8UVd-mMtodbu3fdOz0kVpdO-khCscC-R4p78IJiWzqAN_Xsd_MR4ihTKbWSBfGRVreU 44392 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/64.0.3282.140+Safari/537.36+Edge/17.17134 - 500 0 0 245

[HttpGet]
public IActionResult SignIn()
{
    var redirectUrl = Url.Action(nameof(HomeController.Index), "Home");
    return Login(redirectUrl);
}

[HttpGet]
public IActionResult Login(string returnUrl)
{
    var redirectUrl = Url.Action(nameof(AccountController.LoginCallback), "Account", new { returnUrl = returnUrl });

    return Challenge(
        new AuthenticationProperties { RedirectUri = redirectUrl, }, FacebookDefaults.AuthenticationScheme);
}

[HttpGet]
public async Task<IActionResult> LoginCallback(string returnUrl)
{
    var authenticateResult = await HttpContext.AuthenticateAsync(IdentityConstants.ExternalScheme);

    await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, new System.Security.Claims.ClaimsPrincipal(authenticateResult.Ticket.Principal.Identity));

    return LocalRedirect(returnUrl);
}