ASP.Net Core 2.2 SignInManager'没有为方案'Identity.Application'注册任何登录身份验证处理程序 [英] ASP.Net Core 2.2 SignInManager 'No sign-in authentication handler is registered for the scheme 'Identity.Application'
问题描述
我在Startup.cs中具有以下配置:
I have the following configurations in Startup.cs:
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
//options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, o => {
o.LoginPath = Routes.Urls.AdminAccountLogin;
o.AccessDeniedPath = Routes.Urls.AdminAccountAccessdenied;
}).AddJwtBearer(configureOptions => {});
当控制器的登录操作调用SignInManger.PasswordSignInAsync
时,应用程序将引发以下异常:
The application throws the following exception when the controller Login action calls SignInManger.PasswordSignInAsync
:
发生异常:CLR/System.InvalidOperationException
抛出异常:System.Private.CoreLib.dll中的'System.InvalidOperationException':'未为方案'Identity.Application'注册任何登录身份验证处理程序.注册的登录方案为:Cookies.您是否忘记了调用AddAuthentication().AddCookies("Identity.Application",...)?'
Exception has occurred: CLR/System.InvalidOperationException
Exception thrown: 'System.InvalidOperationException' in System.Private.CoreLib.dll: 'No sign-in authentication handler is registered for the scheme 'Identity.Application'. The registered sign-in schemes are: Cookies. Did you forget to call AddAuthentication().AddCookies("Identity.Application",...)?'
Identity.Application
来自哪里?
推荐答案
简短(不那么有用)答案:
Short (and not as helpful) Answer:
具体来说,它来自类Microsoft.AspNetCore.Identity.IdentityConstants.ApplicationScheme
长答案,以及整个细分:
Long Answer, with the whole breakdown:
您需要添加身份-该方案已建立,并已通过AddIdentity
扩展方法连接到身份验证
You need to add Identity - That scheme is stood up and connected to authentication in the AddIdentity
extension method
扩展方法在Microsoft.Extensions.DependencyInjection.IdentityServiceCollectionExtensions
public static IdentityBuilder AddIdentity<TUser, TRole>(this IServiceCollection services, Action<IdentityOptions> setupAction) where TUser: class where TRole: class
{
services.AddAuthentication(delegate (AuthenticationOptions options) {
options.DefaultAuthenticateScheme = IdentityConstants.ApplicationScheme;
options.DefaultChallengeScheme = IdentityConstants.ApplicationScheme;
options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
}).AddCookie(IdentityConstants.ApplicationScheme, delegate (CookieAuthenticationOptions o) {
o.LoginPath = new PathString("/Account/Login");
CookieAuthenticationEvents events1 = new CookieAuthenticationEvents();
events1.OnValidatePrincipal = new Func<CookieValidatePrincipalContext, Task>(SecurityStampValidator.ValidatePrincipalAsync);
o.Events = events1;
}).AddCookie(IdentityConstants.ExternalScheme, delegate (CookieAuthenticationOptions o) {
o.Cookie.Name = IdentityConstants.ExternalScheme;
o.ExpireTimeSpan = TimeSpan.FromMinutes((double) 5.0);
}).AddCookie(IdentityConstants.TwoFactorRememberMeScheme, delegate (CookieAuthenticationOptions o) {
o.Cookie.Name = IdentityConstants.TwoFactorRememberMeScheme;
CookieAuthenticationEvents events1 = new CookieAuthenticationEvents();
events1.OnValidatePrincipal = new Func<CookieValidatePrincipalContext, Task>(SecurityStampValidator.ValidateAsync<ITwoFactorSecurityStampValidator>);
o.Events = events1;
}).AddCookie(IdentityConstants.TwoFactorUserIdScheme, delegate (CookieAuthenticationOptions o) {
o.Cookie.Name = IdentityConstants.TwoFactorUserIdScheme;
o.ExpireTimeSpan = TimeSpan.FromMinutes((double) 5.0);
});
services.AddHttpContextAccessor();
services.TryAddScoped<IUserValidator<TUser>, UserValidator<TUser>>();
services.TryAddScoped<IPasswordValidator<TUser>, PasswordValidator<TUser>>();
services.TryAddScoped<IPasswordHasher<TUser>, PasswordHasher<TUser>>();
services.TryAddScoped<ILookupNormalizer, UpperInvariantLookupNormalizer>();
services.TryAddScoped<IRoleValidator<TRole>, RoleValidator<TRole>>();
services.TryAddScoped<IdentityErrorDescriber>();
services.TryAddScoped<ISecurityStampValidator, SecurityStampValidator<TUser>>();
services.TryAddScoped<ITwoFactorSecurityStampValidator, TwoFactorSecurityStampValidator<TUser>>();
services.TryAddScoped<IUserClaimsPrincipalFactory<TUser>, UserClaimsPrincipalFactory<TUser, TRole>>();
services.TryAddScoped<UserManager<TUser>>();
services.TryAddScoped<SignInManager<TUser>>();
services.TryAddScoped<RoleManager<TRole>>();
if (setupAction != null)
{
services.Configure<IdentityOptions>(setupAction);
}
return new IdentityBuilder(typeof(TUser), typeof(TRole), services);
}
如果您遵循此AddCookie
通话
.AddCookie(IdentityConstants.ApplicationScheme, delegate (CookieAuthenticationOptions o) {
o.LoginPath = new PathString("/Account/Login");
CookieAuthenticationEvents events1 = new CookieAuthenticationEvents();
events1.OnValidatePrincipal = new Func<CookieValidatePrincipalContext, Task>(SecurityStampValidator.ValidatePrincipalAsync);
o.Events = events1;
它最终使用"Identity.Application"方案和CookieAuthenticationHandler
it eventually configures AuthenticationOptions
with the "Identity.Application" scheme and a CookieAuthenticationHandler
致电SignInManager.PasswordSignInAsync
时:
-
SignInManager
检查数据库中的用户名/密码(如果启用,则进行两个因素的处理),然后检查是否正确 - 使用身份应用程序方案创建
ClaimsPrincipal
并将其发送到HttpContext.SignInAsync
(扩展方法),请参见此处 - 在
AuthenticationService
中,它使用对象链-
IAuthenticationHandlerProvider
=>IAuthenticationSchemeProvider
=>先前配置的AuthenticationOptions
构成一个AuthenticationScheme
,在这种情况下,该AuthenticationScheme
为IAuthenticationHandler
提供服务.参见此处和此处和此处 -
CookieAuthenticationHandler.HandleSignInAsync
创建,加密和添加cookie.
SignInManager
checks the username/password in the database (and does two factor flow if enabled), then if good- creates the
ClaimsPrincipal
and sends it toHttpContext.SignInAsync
(an extension method) with the identity application scheme, see here - Which gets the
IAuthenticationService
(added to DI byAddAuthentication
), see here - In
AuthenticationService
, it uses a chain of objectsIAuthenticationHandlerProvider
=>IAuthenticationSchemeProvider
=> the previously configuredAuthenticationOptions
to construct anAuthenticationScheme
which serves up theIAuthenticationHandler
in this caseCookieAuthenticationHandler
. see here and here and hereCookieAuthenticationHandler.HandleSignInAsync
creates, encrypts and adds the cookie.
现在有cookie,因此
AuthenticationMiddleware
中的下一个请求(通常是登录后的重定向)称为HttpContext.AuthenticateAsync
方法,其遵循的流程类似于Now the cookie is there, so the next request (often a redirect after login) in the
AuthenticationMiddleware
, theHttpContext.AuthenticateAsync
method is called, which follows a similar flow to-
CookieAuthenticationHandler.HandleAuthenticateAsync
读取cookie并传回ClaimsPrincipal
- 此对象已分配给
HttpContext.User
,使其可以访问请求管道的所有其他区域,例如授权,请参见
CookieAuthenticationHandler.HandleAuthenticateAsync
which reads the cookie and passes back aClaimsPrincipal
,- this is assigned to
HttpContext.User
, making it accessible to all the other areas of the request pipeline, like authorization, see here
这篇关于ASP.Net Core 2.2 SignInManager'没有为方案'Identity.Application'注册任何登录身份验证处理程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
-