C# ASP.Net Core AzureAD身份验证可以工作,但登录和注销不能工作
我希望我的问题得到了正确的答案。 如果没有,我会删除它,并张贴在正确的地方 在战斗了几个小时后,我要问你们 我正在使用asp.net内核和AzureAD认证,并使用microsoft帐户。 我使用VS2019创建了一个演示项目,并遵循了本示例中的所有内容: 除了通过NuGet安装Microsoft.Identity.Web和Microsoft.Identity.Web.UI之外,我没有对项目进行任何更改;并在教程中进行这些更改 我已在azure门户上注册了该应用程序 当我运行应用程序时,一切正常。 我被重定向到微软;输入我的凭据,我就登录了。 工作得很有魅力 我唯一面对的是: 登录和注销按钮不工作 当我运行应用程序并查看原始html源代码时,我注意到C# ASP.Net Core AzureAD身份验证可以工作,但登录和注销不能工作,c#,asp.net,asp.net-mvc,azure,asp.net-core,C#,Asp.net,Asp.net Mvc,Azure,Asp.net Core,我希望我的问题得到了正确的答案。 如果没有,我会删除它,并张贴在正确的地方 在战斗了几个小时后,我要问你们 我正在使用asp.net内核和AzureAD认证,并使用microsoft帐户。 我使用VS2019创建了一个演示项目,并遵循了本示例中的所有内容: 除了通过NuGet安装Microsoft.Identity.Web和Microsoft.Identity.Web.UI之外,我没有对项目进行任何更改;并在教程中进行这些更改 我已在azure门户上注册了该应用程序 当我运行应用程序时,一切正常
<a class="nav-link text-dark" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignOut">Sign Out</a>
Startup.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Identity;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;
namespace WebApplication2
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddRazorPages();
services.AddMicrosoftIdentityWebAppAuthentication(Configuration, "AzureAd");
services.AddRazorPages().AddMvcOptions(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
});
}
}
}
_Layout.cshtml
@using Microsoft.Identity;
@using Microsoft.Identity.Web;
@using Microsoft.Identity.Web.UI;
@using Microsoft.AspNetCore.Authorization;
@using Microsoft.AspNetCore.Mvc.Authorization;
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>@ViewData["Title"] - WebApplication2</title>
<link rel="stylesheet" href="~/lib/bootstrap/dist/css/bootstrap.min.css" />
<link rel="stylesheet" href="~/css/site.css" />
</head>
<body>
<header>
<nav class="navbar navbar-expand-sm navbar-toggleable-sm navbar-light bg-white border-bottom box-shadow mb-3">
<div class="container">
<a class="navbar-brand" asp-area="" asp-page="/Index">WebApplication2</a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target=".navbar-collapse" aria-controls="navbarSupportedContent"
aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="navbar-collapse collapse d-sm-inline-flex flex-sm-row-reverse">
<ul class="navbar-nav flex-grow-1">
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-page="/Index">Home</a>
</li>
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-page="/Privacy">Privacy</a>
</li>
</ul>
<partial name="_LoginPartial" />
</div>
</div>
</nav>
</header>
<div class="container">
<main role="main" class="pb-3">
@RenderBody()
</main>
</div>
<footer class="border-top footer text-muted">
<div class="container">
© 2021 - WebApplication2 - <a asp-area="" asp-page="/Privacy">Privacy</a>
</div>
</footer>
<script src="~/lib/jquery/dist/jquery.min.js"></script>
<script src="~/lib/bootstrap/dist/js/bootstrap.bundle.min.js"></script>
<script src="~/js/site.js" asp-append-version="true"></script>
@RenderSection("Scripts", required: false)
</body>
</html>
_LoginPartial.cshtml
<ul class="navbar-nav">
@if (User.Identity.IsAuthenticated)
{
<li class="nav-item">
<span class="navbar-text text-dark">Hello!</span>
</li>
<li class="nav-item">
<a class="nav-link text-dark" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignOut">Sign out</a>
</li>
}
else
{
<li class="nav-item">
<a class="nav-link text-dark" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignIn">Sign in</a>
</li>
}
</ul>
因为您正在使用ASP.NET核心标识和外部Azure AD登录 设置/再次检查正确的版本 确保将CookieSchemeName设置为Identity.External在服务中,这会告诉asp.net core Identity从外部身份提供商(如Azure AD)获取外部用户配置文件
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
//double check your version here
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
因为您正在使用ASP.NET核心标识和外部Azure AD登录 设置/再次检查正确的版本 确保将CookieSchemeName设置为Identity.External在服务中,这会告诉asp.net core Identity从外部身份提供商(如Azure AD)获取外部用户配置文件
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
//double check your version here
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
你有像这样的控制器吗跟着
应该是地址帐户/注销为您处理注销。您是否有类似的控制器?-跟着
应该为您处理注销的是地址帐户/注销。尝试启用MVC端点路由 配置服务:
services.AddControllersWithViews(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
配置:
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
尝试启用MVC端点路由 配置服务:
services.AddControllersWithViews(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
配置:
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
对于一个新的Razor Pages项目,我也遇到了同样的问题 在我将endpoints.MapController添加到Startup.cs中的app.UseEndpoints后修复 在配置中:
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
在配置服务中:
services.AddControllersWithViews(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
对于一个新的Razor Pages项目,我也遇到了同样的问题 在我将endpoints.MapController添加到Startup.cs中的app.UseEndpoints后修复 在配置中:
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
在配置服务中:
services.AddControllersWithViews(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
谢谢你的回复。我没有控制器,因为我通过NuGet安装了Microsoft.Identity.Web和Microsoft.Identity.Web.UI。如本教程所述,您不需要控制器,因为该控制器是由Microsoft.Identity.Web.UIOk提供的。很抱歉,我不明白这一点。因此,请确保您可以访问该帐户/注销端点。签出oidc导致空白页是正常的,因为它不打算以这种方式使用。考虑到登录和注销按钮都在工作,您可以做的另一件事是调试您的cshtml代码。谢谢!案子解决了!谢谢你的回复。我没有控制器,因为我通过NuGet安装了Microsoft.Identity.Web和Microsoft.Identity.Web.UI。如本教程所述,您不需要控制器,因为该控制器是由Microsoft.Identity.Web.UIOk提供的。很抱歉,我不明白这一点。因此,请确保您可以访问该帐户/注销端点。签出oidc导致空白页是正常的,因为它不打算以这种方式使用。考虑到登录和注销按钮都在工作,您可以做的另一件事是调试您的cshtml代码。谢谢!案子解决了!就这样!谢谢你,伙计!等一下。。它们支持razor页面和MVC,但是当您想要注销时,您还需要启用控制器/视图吗?哈哈,好吧,就这样!谢谢你,伙计!等一下。。它们支持razor页面和MVC,但是当您想要注销时,您还需要启用控制器/视图吗?哈哈,好吧