我使用UseOpenIdConnectAuthentication中間件ASP.Net核心應用對抗戴爾的雲訪問管理令牌認證供應商(安裝程序提供的OpenID/OAuth2用戶身份驗證)。以下是代碼:OpenIdConnectAuthenticationHandler:message.State爲空或空
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true,
AuthenticationScheme = "ClientCookie",
CookieName = CookieAuthenticationDefaults.CookiePrefix + "ClientCookie",
ExpireTimeSpan = TimeSpan.FromMinutes(5),
LoginPath = new PathString("/signin"),
LogoutPath = new PathString("/signout")
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
RequireHttpsMetadata = false,
SaveTokens = true,
ClientId = "XYZClient_Id",
ClientSecret = "XYZ_ClientSecret",
ResponseType = OpenIdConnectResponseType.Code,
PostLogoutRedirectUri = "https://example.com",
Configuration = new OpenIdConnectConfiguration {
AuthorizationEndpoint = "https://CAM.COM/CloudAccessManager/RPSTS/OAuth2/Default.aspx",
TokenEndpoint = "https://CAM.COM/CloudAccessManager/RPSTS/OAuth2/Token.aspx",
UserInfoEndpoint = "https://CAM.COM/CloudAccessManager/RPSTS/OAuth2/User.aspx",
Issuer= "urn:CAM.COM/CloudAccessManager/RPSTS",
}
});
但是我現在被困在一個點上了幾個小時。我得到以下錯誤:
SecurityTokenInvalidSignatureException:IDX10500:簽名驗證失敗。有沒有使用驗證簽名
我得到的代碼和國家早在網址查詢字符串 https://example.com/signin-oidc?code=somecode&state=somestate
任何類型的指導表示讚賞安全密鑰。
UPDATE 增加發行人的簽名密鑰:
TokenValidationParameters = new TokenValidationParameters
{
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetValue<string>("AppSettings:ClientSecret")))
}
這節省了我很多時間,可以開始使用手動添加的簽名密鑰,因爲我的供應商沒有提供配置發現終點。也感謝您的即時回覆 – CodeZero
如果答案有幫助,請隨時註冊/標記爲已接受;) – Pinpoint