C# IdentityServer4在将VS2019更新到版本16.4.2后未处理隐式登录流

我已经让IdentityServer4运行了几个月，它工作得非常好。将VS2019从16.3.10更新到16.4.2后，隐式登录流不再工作。用户获得身份验证，但当启动回调连接/授权时，用户不再获得身份验证，并且尝试登录的用户再次获得登录屏幕。我花了四个小时才找到原因。我在家里有一个系统，它可以很好地运行软件，而在我工作的工作站上运行相同的软件则显示出错误的行为。当我将我的家庭系统更新到最新版本时，我发现这个版本不再工作了

我无法更新Identityserver。我已经尝试了最新的版本2.5.4，而不是稳定的3.0.2，但这并不能解决问题。我还尝试了.NETCore3.1而不是3.0。没有区别

我正在测试Oauth2的功能，该功能具有Postman的“隐式”登录特性，到目前为止工作得非常好。我总是毫无问题地收到JWT令牌

下面是日志：

info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/1.1 POST http://localhost:51131/account/enterpassword application/x-www-form-urlencoded 466
info: Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware[10]
      No CORS policy found for the specified request.
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
      Executing endpoint 'IdentityServer4.Quickstart.UI.AccountController.EnterPassword (Identity)'
info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[3]
      Route matched with {action = "EnterPassword", controller = "Account"}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] EnterPassword(IdentityServer4.Quickstart.UI.LoginInputModel, System.String) on controller IdentityServer4.Quickstart.UI.AccountController (Identity).
info: Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler[10]
      AuthenticationScheme: idsrv signed in.
info: Microsoft.AspNetCore.Mvc.Infrastructure.RedirectResultExecutor[1]
      Executing RedirectResult, redirecting to /connect/authorize/callback?response_type=token&state&client_id=openIdConnectClient&scope=apiservice.user&redirect_uri=https%3A%2F%2Fdev-api.bank2loyalty.com%2Fsignin-oidc.
info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[2]
      Executed action IdentityServer4.Quickstart.UI.AccountController.EnterPassword (Identity) in 567.556ms
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
      Executed endpoint 'IdentityServer4.Quickstart.UI.AccountController.EnterPassword (Identity)'
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
      Request finished in 585.8635ms 302 
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/1.1 GET http://localhost:51131/connect/authorize/callback?response_type=token&state&client_id=openIdConnectClient&scope=apiservice.user&redirect_uri=https%3A%2F%2Fdev-api.bank2loyalty.com%2Fsignin-oidc  
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
      Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint for /connect/authorize/callback
info: IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator[0]
      Showing login: User is not authenticated

我通过从VS2019站点下载16.3.10，成功安装了它。 猜猜看，它又起作用了，见下面的日志。但如何解决这个问题呢

info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/1.1 GET http://localhost:51131/account/enterpassword  
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
      Executing endpoint 'IdentityServer4.Quickstart.UI.AccountController.EnterPassword (Identity)'
info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[3]
      Route matched with {action = "EnterPassword", controller = "Account"}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] EnterPassword() on controller IdentityServer4.Quickstart.UI.AccountController (Identity).
info: Microsoft.AspNetCore.Mvc.ViewFeatures.ViewResultExecutor[1]
      Executing ViewResult, running view EnterPassword.
info: Microsoft.AspNetCore.Mvc.ViewFeatures.ViewResultExecutor[4]
      Executed ViewResult - view EnterPassword executed in 19.181900000000002ms.
info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[2]
      Executed action IdentityServer4.Quickstart.UI.AccountController.EnterPassword (Identity) in 475.66540000000003ms
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
      Executed endpoint 'IdentityServer4.Quickstart.UI.AccountController.EnterPassword (Identity)'
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
      Request finished in 490.25820000000004ms 200 text/html; charset=utf-8
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/1.1 POST http://localhost:51131/account/enterpassword application/x-www-form-urlencoded 466
info: Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware[10]
      No CORS policy found for the specified request.
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
      Executing endpoint 'IdentityServer4.Quickstart.UI.AccountController.EnterPassword (Identity)'
info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[3]
      Route matched with {action = "EnterPassword", controller = "Account"}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] EnterPassword(IdentityServer4.Quickstart.UI.LoginInputModel, System.String) on controller IdentityServer4.Quickstart.UI.AccountController (Identity).
info: Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler[10]
      AuthenticationScheme: idsrv signed in.
info: Microsoft.AspNetCore.Mvc.Infrastructure.RedirectResultExecutor[1]
      Executing RedirectResult, redirecting to /connect/authorize/callback?response_type=token&state&client_id=openIdConnectClient&scope=apiservice.user&redirect_uri=https%3A%2F%2Fdev-api.bank2loyalty.com%2Fsignin-oidc.
info: Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker[2]
      Executed action IdentityServer4.Quickstart.UI.AccountController.EnterPassword (Identity) in 514.2881ms
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
      Executed endpoint 'IdentityServer4.Quickstart.UI.AccountController.EnterPassword (Identity)'
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
      Request finished in 533.3788000000001ms 302 
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/1.1 GET http://localhost:51131/connect/authorize/callback?response_type=token&state&client_id=openIdConnectClient&scope=apiservice.user&redirect_uri=https%3A%2F%2Fdev-api.bank2loyalty.com%2Fsignin-oidc  
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
      Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint for /connect/authorize/callback
info: Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler[10]
      AuthenticationScheme: idsrv signed in.

一些调试输出来自失败的情况，这可能会让“本领域技术人员”了解出了什么问题

[11:06:05 Debug] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv was not authenticated.
[11:06:05 Information] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv signed in.
[11:06:05 Debug] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv was not authenticated.
[11:06:05 Debug] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv was not authenticated.
[11:06:05 Debug] IdentityServer4.Hosting.EndpointRouter
Request path /connect/authorize/callback matched to endpoint type Authorize
[11:06:05 Debug] IdentityServer4.Hosting.EndpointRouter
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
[11:06:05 Information] IdentityServer4.Hosting.IdentityServerMiddleware
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint for /connect/authorize/callback
[11:06:05 Debug] IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
Start authorize callback request
[11:06:05 Debug] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv was not authenticated.
[11:06:05 Debug] IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
No user present in authorize request
[11:06:05 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation
[11:06:05 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
[11:06:05 Debug] IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
ValidatedAuthorizeRequest
{"ClientId": "openIdConnectClient", "ClientName": "Example Implicit Client Application", "RedirectUri": "https://localhost:44378/signin-oidc", "AllowedRedirectUris": ["https://localhost:44378/signin-oidc", "https://dev-api.bank2loyalty.com/signin-oidc", "https://api.bank2loyalty.com/signin-oidc"], "SubjectId": "anonymous", "ResponseType": "token", "ResponseMode": "fragment", "GrantType": "implicit", "RequestedScopes": "apiservice.user", "State": null, "UiLocales": null, "Nonce": null, "AuthenticationContextReferenceClasses": null, "DisplayMode": null, "PromptMode": null, "MaxAge": null, "LoginHint": null, "SessionId": null, "Raw": {"response_type": "token", "state": "", "client_id": "openIdConnectClient", "scope": "apiservice.user", "redirect_uri": "https://localhost:44378/signin-oidc"}, "$type": "AuthorizeRequestValidationLog"}
[11:06:05 Information] IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator
Showing login: User is not authenticated
[11:06:05 Debug] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv was not authenticated.
[11:06:05 Debug] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv was not authenticated.
[11:06:05 Debug] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv was not authenticated.
[11:06:05 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation
[11:06:05 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator

---

问题不在于VS2019，而在于安装的.netCore版本。从.net Core 3.0.1及更高版本开始，cookie策略处理已更改

与链接。在克里斯·罗斯的帮助下，我设法解决了这个问题。我按照建议修改了这些部分，现在它工作起来很有魅力，我测试了chrome、firefox、edge和internetexplore。一切都好

步骤1： 修改启动中的配置部分并添加UseCookiePolicy

app.UseIdentityServer();
app.UseRouting();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseAuthorization();

步骤2： 修改配置服务：

// Cookie policy stuff
services.Configure<CookiePolicyOptions>(options =>
{
    options.MinimumSameSitePolicy = (SameSiteMode) (-1);
    options.OnAppendCookie = cookieContext =>
        CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
    options.OnDeleteCookie = cookieContext =>
        CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
});

---

问题不在于VS2019，而在于安装的.netCore版本。从.net Core 3.0.1及更高版本开始，cookie策略处理已更改

与链接。在克里斯·罗斯的帮助下，我设法解决了这个问题。我按照建议修改了这些部分，现在它工作起来很有魅力，我测试了chrome、firefox、edge和internetexplore。一切都好

步骤1： 修改启动中的配置部分并添加UseCookiePolicy

app.UseIdentityServer();
app.UseRouting();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseAuthorization();

步骤2： 修改配置服务：

// Cookie policy stuff
services.Configure<CookiePolicyOptions>(options =>
{
    options.MinimumSameSitePolicy = (SameSiteMode) (-1);
    options.OnAppendCookie = cookieContext =>
        CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
    options.OnDeleteCookie = cookieContext =>
        CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
});

---

它在VS之外运行吗？不。我把它作为一个容器运行，同样的问题。所以你只需要更新VS，构建代码，部署到一个容器中，相同的代码，所有引用组件的精确版本，而代码的工作与否取决于使用哪个VS来构建它？是的，看起来是这样的。但情况越来越糟，我试图降低我的工作电脑的等级。为了安装16.3.10，我必须清除ms vs 2019目录。安装sdk后，我从.net核心网站上安装了sdk。然后，即使使用16.3.10，代码也不会运行。它快把我逼疯了！您是否可以逐个比较您的外部引用，并检查哪个特定引用在构建中具有不同版本但不起作用？这可能是罪魁祸首。它是否在VS之外运行？不。我将它作为一个容器运行，同样的问题。因此，您只需更新VS，构建代码，部署到一个容器中，相同的代码，所有引用组件的确切版本，而代码的工作与否取决于使用哪个VS构建它？是的，看起来是这样的。但情况越来越糟，我试图降低我的工作电脑的等级。为了安装16.3.10，我必须清除ms vs 2019目录。安装sdk后，我从.net核心网站上安装了sdk。然后，即使使用16.3.10，代码也不会运行。它快把我逼疯了！您是否可以逐个比较您的外部引用，并检查哪个特定引用在构建中具有不同版本但不起作用？这可能是罪魁祸首。这个答案救了我的命！请注意，“app.UseCookiePolicy（）；”必须出现在“app.UseIdentityServer（）；”之后。我花了几个小时才弄明白…这个答案救了我的命！请注意，“app.UseCookiePolicy（）；”必须出现在“app.UseIdentityServer（）；”之后。我花了几个小时才弄明白。。。