2017-07-31 224 views
1

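I am using Owin with OpenID authentication in my ASP.NET application to authenticate users signing in with Azure. But once I finish the login from Azure and the redirect completes, AuthorizationCodeReceived goes into an infinite loop. Below is the code I have used. OpenIdConnectAuthentication, infinite loop in AuthorizationCodeReceived when used with an ASP.NET application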

I have tried the various suggestions from different posts, listed below, but they did not help me.

  • https://github.com/IdentityServer/IdentityServer3/issues/3239

  • infinite loop going back to authentication page when using OAuth in MVC5

  • Second sign-in causes infinite redirect loop after the first successful login MVC .NET 5 OWIN ADAL OpenIDConnect
  • Setting CallbackPath

    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

    app.UseKentorOwinCookieSaver(); // did not work
    app.UseCookieAuthentication(new CookieAuthenticationOptions()
    {
        //CookieHttpOnly = false,
        //CookieSecure = CookieSecureOption.SameAsRequest, // did not work
        //CookieManager = new SystemWebCookieManager() // did not work
        AuthenticationType = "Cookies"
    });
    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            Authority = authority,
            PostLogoutRedirectUri = postLogoutRedirectUri,
            RedirectUri = postLogoutRedirectUri,
            CallbackPath = new PathString("/my_Azure/Start.aspx"),

            Notifications = new OpenIdConnectAuthenticationNotifications()
            {
                //
                // If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
                //
                AuthorizationCodeReceived = (context) =>
                {
                    var code = context.Code;
                    ClientCredential credential = new ClientCredential(clientId, appKey);
                    string signedInUserID = context.AuthenticationTicket.Identity.FindFirst(ClaimTypes.NameIdentifier).Value;
                    Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext authContext = new Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext(authority, new ADALTokenCache(signedInUserID));
                    AuthenticationResult result = authContext.AcquireTokenByAuthorizationCode(
                        code, new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)), credential, graphResourceId);

                    return Task.FromResult(0);
                }
            }
        });

    // This makes any middleware defined above this line run before the Authorization rule is applied in web.config
    app.UseStageMarker(PipelineStage.Authenticate);

    
+1

I doubt this is a code issue, since the code sample [here](https://github.com/Azure-Samples/active-directory-dotnet-webapp-openidconnect) works for me. Does the code sample work for you? –

+0

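The problem was the authorization settings in web.config: I had used `<deny users="*"/>`, which caused the application to deny all authorization and so go into a loop. When I changed it to `<deny users="?"/>` it worked fine. – Arvind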

Answer

0

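The problem was in the authorization settings in web.config: I had used `<deny users="*"/>`, which caused the application to deny all authorization and therefore go into a loop. When I changed it to `<deny users="?"/>` it started working fine.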
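
Why `*` loops and `?` does not, as an added example (not code from the post or from ASP.NET): a simplified Python model of ASP.NET URL authorization, where rules are checked in order, the first match wins, `?` matches anonymous users and `*` matches everyone. The web.config fragments and the user name are constructed sample input, and the `roles` and `verbs` attributes are not modeled.

```python
import xml.etree.ElementTree as ET

# Constructed web.config fragments (sample input, not the asker's file).
DENY_ALL = """<configuration><system.web><authorization>
  <deny users="*"/>
</authorization></system.web></configuration>"""
DENY_ANONYMOUS = DENY_ALL.replace('users="*"', 'users="?"')


def load_rules(web_config_xml):
    """Return [(action, [user patterns])] in document order."""
    section = ET.fromstring(web_config_xml).find("./system.web/authorization")
    rules = []
    for el in (section if section is not None else []):
        if el.tag in ("allow", "deny") and el.get("users"):
            rules.append((el.tag, [u.strip() for u in el.get("users").split(",")]))
    return rules


def matches(pattern, user):
    """user=None models an anonymous (not yet signed-in) request."""
    if pattern == "*":
        return True                      # everyone, signed in or not
    if pattern == "?":
        return user is None              # anonymous users only
    # Named user; case-insensitive comparison is a simplification here.
    return user is not None and pattern.lower() == user.lower()


def is_allowed(rules, user):
    """First matching rule decides; no match falls back to allow-all."""
    for action, patterns in rules:
        if any(matches(p, user) for p in patterns):
            return action == "allow"
    return True  # inherited default <allow users="*"/>


def audit(web_config_xml, sample_user="alice@contoso.example"):
    """Classify a config by how it treats anonymous vs. signed-in users."""
    rules = load_rules(web_config_xml)
    if not is_allowed(rules, sample_user):
        return "redirect-loop"  # 401 even after sign-in, so a new OIDC challenge every time
    if is_allowed(rules, None):
        return "unprotected"    # anonymous requests are served and never challenged
    return "ok"                 # anonymous is challenged once, signed-in user is served


if __name__ == "__main__":
    for name, cfg in (("deny *", DENY_ALL), ("deny ?", DENY_ANONYMOUS)):
        print(name, "->", audit(cfg))
```
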