C# Identity Server 4无限循环
我正在从事一个asp.net core 2.1项目,其中安装了identity server 4,用户使用entity framework存储在SQL数据库中。成功登录后,Web项目将有一个登录页面和一个仪表板 请在Startup.cs中找到下面的代码C# Identity Server 4无限循环,c#,asp.net-mvc,asp.net-core,single-sign-on,identityserver4,C#,Asp.net Mvc,Asp.net Core,Single Sign On,Identityserver4,我正在从事一个asp.net core 2.1项目,其中安装了identity server 4,用户使用entity framework存储在SQL数据库中。成功登录后,Web项目将有一个登录页面和一个仪表板 请在Startup.cs中找到下面的代码 public class Startup { public Startup(IConfiguration configuration) { Configuration = configuration; }
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
string connectionString = Configuration.GetConnectionString("DefaultConnection");
var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
services.AddMvc();
services.AddDbContext<ApplicationDbContext>(builder =>
builder.UseSqlServer(connectionString, sqlOptions => sqlOptions.MigrationsAssembly(migrationsAssembly)));
services.AddDbContext<SingleSignOn_dbContext>(builder =>
builder.UseSqlServer(connectionString));
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer(options =>
{
options.UserInteraction.LoginUrl = "/Master/Login"; // Set the default login page for Identity server.
}).AddOperationalStore(options =>
options.ConfigureDbContext = builder =>
builder.UseSqlServer(connectionString, sqlOptions => sqlOptions.MigrationsAssembly(migrationsAssembly)))
.AddConfigurationStore(options =>
options.ConfigureDbContext = builder =>
builder.UseSqlServer(connectionString, sqlOptions => sqlOptions.MigrationsAssembly(migrationsAssembly)))
.AddAspNetIdentity<IdentityUser>()
.AddDeveloperSigningCredential();
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Master/Error");
app.UseHsts();
}
// Only need to run this once.
InitializeDbTestData(app);
app.UseIdentityServer();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Master}/{action=Login}/{id?}");
});
}
公共类启动
{
公共启动(IConfiguration配置)
{
配置=配置;
}
公共IConfiguration配置{get;}
//此方法由运行时调用。请使用此方法将服务添加到容器中。
public void配置服务(IServiceCollection服务)
{
string connectionString=Configuration.GetConnectionString(“DefaultConnection”);
var migrationassembly=typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
services.AddMvc();
services.AddDbContext应用程序/x-www-form-urlencoded 1473
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler:信息:AuthenticationScheme:cookie已登录。
Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求在5.4353ms 302中完成
Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求启动HTTP/1.1get
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:信息:与{action=“Contact”,controller=“Home”,page=“”,area=“”}匹配的路由。在控制器IdentityTestClient.Controllers.HomeController(IdentityTestClient)上执行带有签名Microsoft.AspNetCore.Mvc.IActionResult Contact()的控制器操作。
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:信息:授权失败。
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:信息:对筛选器“Microsoft.AspNetCore.Mvc.Authorization.authorizationFilter”处的请求的授权失败。
Microsoft.AspNetCore.Mvc.ChallengeResult:信息:使用身份验证方案()执行ChallengeResult。
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler:信息:AuthenticationScheme:oidc被质询。
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:信息:在8.3527ms内执行操作IdentityTestClient.Controllers.HomeController.Contact(IdentityTestClient)
Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求在17.5244ms 302中完成
无限循环的Url如下所示
这两个项目都配置了SSL以在本地运行https
我正在尝试实现一个单一的登录解决方案,它在不同的域中有多个网站,并使用Identity server进行登录。
任何输入都将不胜感激。services.AddDefaultIdentity().AddEntityFrameworkStores来自官方存储库。在我的情况下,问题是两个应用程序(IS4和我的api)都在使用http。在登录(并在浏览器中打开该会话)后,我将两个应用程序都移动到SSL。然后循环开始。
我的解决方案是删除所有cookie。现在正在处理示例项目。结果,Identity server项目未启动(HTTP错误502.5-进程失败)。当我尝试使用mvc客户端进行连接时,出现错误网关。尝试了链接中提到的配置,但无效:(问题中提到的客户端配置仅对我有效。我知道有很多配置代码需要删除,但现在我希望通过客户端和服务器实现所需的结果。获得以下异常“InvalidOperationException:No service for type'Microsoft.AspNetCore.Identity.UserManager`1”[Microsoft.AspNetCore.Identity.IdentityUser]”已注册。“我是从identity server git下载并处理示例项目的。很难理解。您的消息太乱了。您指的是哪一方,客户机还是服务器?据我所知,最初服务器端一切正常,只有客户机有错误行为,对吗?您是否保持服务器不变?然后您必须清理服务器d到ASP.Net Identity和IdentityUser客户端。这必须起作用。谢谢@d-f,我花了一些时间来理解这个中间件。在完成了两个示例项目后,我解决了客户端和服务器中的问题。正如您在回答中提到的,不需要代码,它解决了客户端中的问题。有一个_loginPartial初始测试时在客户端项目中添加了共享文件,该文件用于使用SignInManager的登录页面
new Client {
ClientId = "SingleSignOnInternalClient",
ClientName = "Example Implicit Client Application",
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
AllowedScopes = new List<string>
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
"role",
"customAPI.write"
},
AllowedCorsOrigins = new List<string> {"192.168.6.112"},
RedirectUris = new List<string> {"https://localhost:44330/signin-oidc"}, // Configuration.GetSection("TestClient").GetSection("RedirectURL").Value
PostLogoutRedirectUris = new List<string> {"https://localhost:44330"},
RequireConsent = false,
AllowRememberConsent = false,
AccessTokenType = AccessTokenType.Jwt
},
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
// Use cooking authentication for signing in users.
services.AddAuthentication(options =>
{
options.DefaultScheme = "cookie";
options.DefaultChallengeScheme = "oidc";
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie("cookie")
.AddOpenIdConnect("oidc", options =>
{
options.Authority = Configuration.GetValue<string>("Authority:EndPoint"); //services.Configure<"Authority">(Configuration.GetSection("EndPoint"));
options.ClientId = "SingleSignOnInternalClient";
options.SignInScheme = "cookie";
options.SaveTokens = true;
//options.GetClaimsFromUserInfoEndpoint = true;
options.RequireHttpsMetadata = false;
});
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => false;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddMvc(options =>
{
///options.Filters.Add
}).SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}