C# IdentityServer3-由于CORS路径无效而被拒绝
我们有一个ASP.NET MVC应用程序,它通过IdentityServer3进行身份验证。但是,如果用户等待大约3分钟后再继续使用AJAX功能(3分钟之内一切似乎都正常),应用程序中使用ApiController实现的Web API部分就会失败。
Chrome中出现的错误是: 无法加载XMLHttpRequest …gwLTk5ZjMtN2QxZjUyMjgxNGE4MDg2NjFhZTAtOTEzNi00MDE3LTkzNGQtNTc5ODAzZTE1Mzgw。请求的资源上不存在"Access-Control-Allow-Origin"标头,因此不允许源""访问。
在IE上,我得到以下错误: SCRIPT7002: XMLHttpRequest: 网络错误0x4c7,操作已被用户取消。
查看IdentityServer3的日志,我看到如下条目: 2015-08-10 16:42 [警告] (Thinktecture.IdentityServer.Core.Configuration.Hosting.CorsPolicyProvider) 对路径发出的CORS请求: /connect/authorize from origin: 但被拒绝,因为CORS路径无效。
标签: c#, ajax, cors, asp.net-apicontroller, identityserver3
在IdentityServer3 Web应用程序中,我为客户端配置了AllowedCorsOrigins:
// Builds one IdentityServer3 client definition from the configuration entry
// `configClient` and appends it to `clients` (both declared outside this excerpt).
var client = new Thinktecture.IdentityServer.Core.Models.Client
{
    Enabled = configClient.Enabled,
    ClientId = configClient.Id,
    ClientName = configClient.Name,
    RedirectUris = new List<string>(),
    PostLogoutRedirectUris = new List<string>(),
    // Quick hack to try and get CORS working: the origins are hard-coded here
    // rather than read from configuration like the redirect URIs.
    // NOTE(review): the second entry differs only by a trailing "/". A browser's
    // Origin header is scheme://host[:port] with no path, so that entry is not
    // expected to ever match - confirm and drop it.
    // NOTE(review): this is a plain-http origin. Whoever can tamper with that
    // traffic can run script in the origin and reuse this CORS grant; prefer an
    // https origin outside of test environments.
    // NOTE(review): the IdentityServer warning quoted in the question says the
    // request was rejected for an invalid CORS *path* (/connect/authorize), so
    // the origin list may not be what is rejecting the call - confirm.
    AllowedCorsOrigins = new List<string>
    {
        "http://test.myapp.com",
        "http://test.myapp.com/"
    },
    // Don't show the consent screen to the user.
    RequireConsent = false,
    RefreshTokenExpiration = Thinktecture.IdentityServer.Core.Models.TokenExpiration.Sliding
};

// The element type is spelled out (not `var`) so the loops keep compiling if
// the configuration collections are non-generic - TODO confirm their type.
foreach (Configuration.RegisteredUri redirect in configClient.RedirectUris)
{
    client.RedirectUris.Add(redirect.Uri);
}

foreach (Configuration.RegisteredUri postLogout in configClient.PostLogoutRedirectUris)
{
    client.PostLogoutRedirectUris.Add(postLogout.Uri);
}

clients.Add(client);
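// Client registration as posted in the question. This copy of the listing had
// been run through machine translation, which dropped the variable name,
// translated `new List<string>()` and the collection calls, and replaced the
// string quotes; it is restored here to valid C#.
Thinktecture.IdentityServer.Core.Models.Client client = new Thinktecture.IdentityServer.Core.Models.Client()
{
    Enabled = configClient.Enabled,
    ClientId = configClient.Id,
    ClientName = configClient.Name,
    RedirectUris = new List<string>(),
    PostLogoutRedirectUris = new List<string>(),
    AllowedCorsOrigins = new List<string>(),
    RequireConsent = false, // Don't show the consent screen to the user
    RefreshTokenExpiration = Thinktecture.IdentityServer.Core.Models.TokenExpiration.Sliding
};

// Copy the registered redirect URIs from the configuration entry.
foreach (Configuration.RegisteredUri uri in configClient.RedirectUris)
{
    client.RedirectUris.Add(uri.Uri);
}

// Copy the registered post-logout redirect URIs from the configuration entry.
foreach (Configuration.RegisteredUri uri in configClient.PostLogoutRedirectUris)
{
    client.PostLogoutRedirectUris.Add(uri.Uri);
}

// Quick hack to try and get CORS working.
// NOTE(review): an Origin header carries no path, so the trailing-"/" variant
// is not expected to match any browser request - confirm before keeping it.
client.AllowedCorsOrigins.Add("http://test.myapp.com");
client.AllowedCorsOrigins.Add("http://test.myapp.com/"); // Don't think the trailing / is needed, but added just in case
clients.Add(client);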
注册服务时,我会添加InMemoryCorsPolicyService:
// Configures IdentityServer3 on the "/auth" branch of the application pipeline.
// The "..." lines are parts the author left out of the excerpt; `authOptions`
// and the use of `idsrvApp` are presumably in those parts.
app.Map("/auth", idsrvApp =>
{
var factory = new IdentityServerServiceFactory();
// Register the application's own identity types with the factory.
// AuthContext is resolved through AuthObjects.AuthContext; the other four are
// registered by type only.
factory.Register(new Registration<AuthContext>(resolver => AuthObjects.AuthContext));
factory.Register(new Registration<AuthUserStore>());
factory.Register(new Registration<AuthRoleStore>());
factory.Register(new Registration<AuthUserManager>());
factory.Register(new Registration<AuthRoleManager>());
// Custom user service used to inject custom registration workflow
factory.UserService = new Registration<IUserService>(resolver => AuthObjects.AuthUserService);
// Scopes and clients are served from in-memory stores built from Scopes.Get()
// and Clients.Get().
var scopeStore = new InMemoryScopeStore(Scopes.Get());
factory.ScopeStore = new Registration<IScopeStore>(scopeStore);
var clientStore = new InMemoryClientStore(Clients.Get());
factory.ClientStore = new Registration<IClientStore>(clientStore);
// The CORS policy service is built from a second Clients.Get() call;
// presumably it allows the origins listed in each client's AllowedCorsOrigins.
// NOTE(review): if Clients.Get() builds a fresh list on every call, the client
// store and the CORS policy are separate copies - confirm they cannot drift.
// NOTE(review): the warning quoted in the question rejects the request for an
// invalid CORS path (/connect/authorize), not for its origin, so this
// registration may not be what blocks the AJAX call - confirm which endpoint
// paths the server accepts CORS requests on.
var cors = new InMemoryCorsPolicyService(Clients.Get());
factory.CorsPolicyService = new Registration<ICorsPolicyService>(cors);
...
// Server options: display name, token signing certificate, the factory built
// above, and authentication options defined in the omitted part.
// NOTE(review): LoadCertificate() is not shown; confirm the signing key comes
// from a protected store and is not embedded in source.
var options = new IdentityServerOptions
{
SiteName = "Authentication",
SigningCertificate = LoadCertificate(),
Factory = factory,
AuthenticationOptions = authOptions
};
...
});
app.Map(“/auth”,idsrvApp=>
{
var factory=新标识服务器服务工厂();
工厂注册(新注册)