Authentication 从Asp.Net Core2.2中的CAS接收的\u票证无效
我必须在CAS登录时使用SSO。当我输入用户名和密码后,它会进入CAS服务器验证凭据,在成功验证后,我发现身份验证是正确的,现在我想验证接收票证,并需要一些来自CAS的XML信息 但是,当我将票据发送到Authentication 从Asp.Net Core2.2中的CAS接收的\u票证无效,authentication,asp.net-core,cas,Authentication,Asp.net Core,Cas,我必须在CAS登录时使用SSO。当我输入用户名和密码后,它会进入CAS服务器验证凭据,在成功验证后,我发现身份验证是正确的,现在我想验证接收票证,并需要一些来自CAS的XML信息 但是,当我将票据发送到serviceValidateURL时,每当我收到无效票据错误时 <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:authenticationFailure code='INVALID_T
serviceValidate
URL时,每当我收到无效票据错误时
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
Ticket 'ST-48062-BNWXlqUWFg97PF4UZZKw-cas.identity.ucsb.edu' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddScoped<iUserService, UserService>();
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(o =>
{
o.LoginPath = new PathString("/login");
o.AccessDeniedPath = new PathString("/access-denied");
o.Cookie = new CookieBuilder
{
Name = ".AspNetCore.CasiEval"
};
o.Events = new CookieAuthenticationEvents
{
OnSigningIn = async context =>
{
var username = context.Principal.Identity.Name;
var userSvc = context.HttpContext.RequestServices.GetRequiredService<iUserService>();
var ticket_val = context.HttpContext.Request.Query["ticket"].ToString();
var state_val= context.HttpContext.Request.Query["state"].ToString();
string serviceUrl = $"https%3A%2F%2Flocalhost%3A44357%2FHome%2FIndex%3F";
string baseUrl = string.Empty;
baseUrl = "https://cas.application.com/cas/serviceValidate?";
string casUrl = $"{baseUrl}service={serviceUrl}&ticket={ticket_val}";
using (var httpClient = new HttpClient())
{
// Define Headers
httpClient.DefaultRequestHeaders.Accept.Clear();
// Add an Accept header for JSON format.
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
var response = await httpClient.GetAsync(casUrl);
if (response.StatusCode == System.Net.HttpStatusCode.OK)
{
var result = response.Content.ReadAsStringAsync();
}
}
ClaimsIdentity identity = new ClaimsIdentity();
context.Principal.AddIdentity(identity);
await Task.Delay(100);
return;// Task.FromResult(0);
}
};
})
.AddCAS(o =>
{
o.CasServerUrlBase = Configuration["CasBaseUrl"]; // Set in `appsettings.json` file.
o.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
o.SaveTokens = true;
o.CallbackPath = new PathString("/Home/Index");
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
}