如何修复在Azure AD上注销ASP.NET Core MVC应用时出现的错误404? [英] How to fix error 404 when logging out on an ASP.NET Core MVC app against Azure AD?
本文介绍了如何修复在Azure AD上注销ASP.NET Core MVC应用时出现的错误404?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在将ASP.NET Core MVC 3.0应用集成到Azure AD进行身份验证和授权,一切工作正常,但当我尝试注销时,一旦login.microsoftonline.com注销,它将重定向到我的应用,然后出现以下错误:
No webpage was found for the web address:
https://localhost:5002/Account/SignOut?page=%2FAccount%2FSignedOut
我用来调用注销过程的路径是/AzureAD/Account/SignOut。
appsettings.json的内容:
{
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "[OMITTED]",
"TenantId": "[OMITTED]",
"ClientId": "[OMITTED]",
"CallbackPath": "/signin-oidc"
},
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "*"
}
以下是我的Startup.cs类的内容:
using System.Collections.Generic;
using System.Globalization;
using MySite.WebSite.Helpers;
using MySite.WebSite.Models.Validators;
using MySite.WebSite.Models.ViewModels;
using FluentValidation;
using FluentValidation.AspNetCore;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.AzureAD.UI;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Localization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.AspNetCore.Mvc.Razor;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Localization;
namespace MySite.WebSite
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services
.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<CookieAuthenticationOptions>(AzureADDefaults.CookieScheme, options =>
{
options.AccessDeniedPath = "/Home/AccessDenied";
options.LogoutPath = "/";
});
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority += "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
services.AddLocalization(options => options.ResourcesPath = "Resources");
services
.AddControllersWithViews(options => options.Filters.Add(GetAuthorizeFilter()))
.SetCompatibilityVersion(CompatibilityVersion.Version_3_0)
.AddViewLocalization(LanguageViewLocationExpanderFormat.Suffix)
.AddDataAnnotationsLocalization()
.AddFluentValidation();
services.AddTransient<IValidator<ContactIndexViewModel>, ContactIndexViewModelValidator>();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseRequestLocalization(GetLocalizationOptions());
app.UseStaticFiles(GetStaticFileOptions());
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
private RequestLocalizationOptions GetLocalizationOptions()
{
var cookie_request_culture_provider = new CookieRequestCultureProvider
{
CookieName = "UserCulture"
};
var providers = new List<IRequestCultureProvider>()
{
cookie_request_culture_provider,
new AcceptLanguageHeaderRequestCultureProvider()
};
var result = new RequestLocalizationOptions
{
RequestCultureProviders = providers,
SupportedCultures = Cultures.SupportedCultures,
SupportedUICultures = Cultures.SupportedCultures,
DefaultRequestCulture = new RequestCulture(Cultures.DefaultCulture)
};
return result;
}
private StaticFileOptions GetStaticFileOptions()
{
var result = new StaticFileOptions
{
ServeUnknownFileTypes = true,
DefaultContentType = "text/plain"
};
return result;
}
private AuthorizeFilter GetAuthorizeFilter()
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
var result = new AuthorizeFilter(policy);
return result;
}
}
}
推荐答案
在Microsoft.AspNetCore.Authentication.AzureAD.UI中实现了[3-0];该包在ASP.NET Core中实现了Azure AD身份验证/授权流,其中的一部分是嵌入式AccountController(区域AzureAD),它将登录-注销过程从您的肩上移开。问题是,一旦注销过程完成,SignOut操作硬编码到/Account/SignOut?page=%2FAccount%2FSignedOut的重定向就会出现问题。
我设法解决了这个问题,方法是实现一个小的Account控制器(没有区域),并添加一个SignOut操作来处理来自Microsoft.AspNetCore.Authentication.AzureAD.UI的AccountController的重定向:
[AllowAnonymous]
public class AccountController : Controller
{
[HttpGet]
public IActionResult SignOut(string page)
{
return RedirectToAction("Index", "Home");
}
}
这篇关于如何修复在Azure AD上注销ASP.NET Core MVC应用时出现的错误404?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
