OWIN OpenID 提供程序 - GetExternalLoginInfo() 返回 null [英] OWIN OpenID provider - GetExternalLoginInfo() returns null
问题描述
我在使用 ASP.NET Identity 并基于 VS2013 模板和个人用户帐户身份验证的 ASP.NET MVC5 应用程序中遇到 OWIN OpenId 提供程序的问题.Google 和 LinkedIn 的 OWIN OpenID 提供商用于登录身份验证.
I'm having problem with OWIN OpenId providers in an ASP.NET MVC5 application which uses ASP.NET Identity and is based on the VS2013 template with Individual user account authentication. OWIN OpenID providers for Google and LinkedIn are used for login authentication.
问题是看起来很随机的东西;即使登录身份验证成功,GetExternalLoginInfo() 在 LoginConfirmation 回调中也返回 null.
var authManager = HttpContext.Current.GetOwinContext().Authentication;
var login = authManager.GetExternalLoginInfo();
使用的提供程序是 Google (Microsoft.Owin.Security.Google 2.1.0) 和 LinkedIn(来自 Owin.Security.Providers 1.3),这两个提供程序都导致相同的问题.
The providers in use are Google (Microsoft.Owin.Security.Google 2.1.0) and LinkedIn (from Owin.Security.Providers 1.3) and both providers causes the same problem.
有时它会失败一次然后再次工作,但有时它会继续失败,直到 AppPool 被回收.
Sometimes it fails once and then works again, but sometimes it just continues to fail until the AppPool is recycled.
当前应用程序的两个实例托管在同一 Windows Azure 虚拟机上的 IIS 中.每个实例都有自己的 AppPool,但具有相同的设置(不同的子域).有时登录在一个实例上停止工作但仍然在另一个实例上工作.
Currently two instances of the application is hosted in IIS on the same Windows Azure virtual machine. Each instance has its own AppPool but identical setups (different subdomains). Sometimes the login stops working on one instance but still works on the other instance.
该问题也已在本地重现(IIS Express - VS2013).
The problem has been reproduced locally as well (IIS Express - VS2013).
有人遇到过 OWIN OpenID 身份验证的类似问题吗?
Startup.Auth.cs 看起来像这样:
Startup.Auth.cs looks like this:
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseGoogleAuthentication();
app.UseLinkedInAuthentication("clientId", "clientSecret");
}
正在使用以下 OWIN nuget 软件包:
The following OWIN nuget packages are in use:
<package id="Microsoft.AspNet.Identity.Core" version="1.0.0" targetFramework="net45" />
<package id="Microsoft.AspNet.Identity.Owin" version="1.0.0" targetFramework="net45" />
<package id="Microsoft.Owin" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Host.SystemWeb" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.ActiveDirectory" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Cookies" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Facebook" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Google" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Jwt" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.MicrosoftAccount" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.OAuth" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Twitter" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net45" />
<package id="Owin" version="1.0" targetFramework="net45" />
<package id="Owin.Security.Providers" version="1.3" targetFramework="net45" />
<package id="System.IdentityModel.Tokens.Jwt" version="3.0.2" targetFramework="net45" />
推荐答案
ASP.NET_SessionId
cookie 丢失时出现的问题.
The problem occurs when ASP.NET_SessionId
cookie is missing.
在重定向到 OpenID 提供程序以获取凭据之前在会话中设置一个虚拟值似乎可以解决问题:
Setting a dummy value in session before redirecting to the OpenID provider for credentials seems to solve the problem:
[AllowAnonymous]
public ActionResult Login(string returnUrl)
{
Session["dummy"] = "dummy"; // Create ASP.NET_SessionId cookie
return View();
}
此答案中的更多详细信息:https://stackoverflow.com/a/21234614/205023
More details in this answer: https://stackoverflow.com/a/21234614/205023
这篇关于OWIN OpenID 提供程序 - GetExternalLoginInfo() 返回 null的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!