OWIN OpenID提供商 - GetExternalLoginInfo()返回null [英] OWIN OpenID provider - GetExternalLoginInfo() returns null
问题描述
我在使用中,使用ASP.NET身份和基于与单个用户帐户验证VS2013模板的ASP.NET应用程序MVC5 OWIN的OpenID提供问题。 OWIN的OpenID提供商谷歌和LinkedIn用于登录验证。
的问题是,似乎是很随意; GetExternalLoginInfo()时,即使登录认证成功的LoginConfirmation回调返回null。
VAR authManager = HttpContext.Current.GetOwinContext()认证;
VAR登录= authManager.GetExternalLoginInfo();
在使用的提供商谷歌(Microsoft.Owin.Security.Google 2.1.0)和LinkedIn(从Owin.Security.Providers 1.3)和供应商都导致了同样的问题。
有时,失败一次,然后再工作,但有时它只是继续失败,直到程序池被回收。
目前应用程序的两个实例在IIS托管相同的Windows Azure虚拟机上。每个实例都有自己的应用程序池,但相同的设置(不同的子域)。有时,登录停止工作的一个实例,但仍适用于其它实例。
问题已经局部再现以及(IIS防爆preSS - VS2013)。
任何人都遇到过类似的问题,OWIN OpenID身份验证?
Startup.Auth.cs看起来是这样的:
公共无效ConfigureAuth(IAppBuilder应用程序)
{
//使应用程序能够使用cookie来存储信息,在用户签订
app.UseCookieAuthentication(新CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LOGINPATH =新PathString(/帐号/登录),
});
//使用cookie来临时存储有关用户记录的信息与第三方供应商登录
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); app.UseGoogleAuthentication(); app.UseLinkedInAuthentication(的clientId,clientSecret);
}
以下OWIN的NuGet包在使用中:
<包ID =Microsoft.AspNet.Identity.Core版本=1.0.0targetFramework =net45/>
<包ID =Microsoft.AspNet.Identity.Owin版本=1.0.0targetFramework =net45/>
<包ID =Microsoft.Owin版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Host.SystemWeb版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Security版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Security.ActiveDirectory版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Security.Cookies版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Security.Facebook版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Security.Google版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Security.Jwt版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Security.MicrosoftAccount版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Security.OAuth版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Owin.Security.Twitter版本=2.1.0targetFramework =net45/>
<包ID =Microsoft.Web.Infrastructure版本=1.0.0.0targetFramework =net45/>
<包ID =Owin版本=1.0targetFramework =net45/>
<包ID =Owin.Security.Providers版本=1.3targetFramework =net45/>
<包ID =System.IdentityModel.Tokens.Jwt版本=3.0.2targetFramework =net45/>
在 ASP.NET_SessionId cookie被丢失,会出现问题。
重定向到OpenID提供商凭据之前设置会话的虚拟价值似乎来解决这个问题:
[使用AllowAnonymous]
公众的ActionResult登录(字符串RETURNURL)
{
会话[虚拟] =假的; //创建ASP.NET_SessionId的cookie 返回查看();
}
在这个答案的更多细节: http://stackoverflow.com/a/21234614/205023
I'm having problem with OWIN OpenId providers in an ASP.NET MVC5 application which uses ASP.NET Identity and is based on the VS2013 template with Individual user account authentication. OWIN OpenID providers for Google and LinkedIn are used for login authentication.
The problem is that what seems to be very randomly; GetExternalLoginInfo() returns null at the LoginConfirmation callback even though the login authentication was successful.
var authManager = HttpContext.Current.GetOwinContext().Authentication;
var login = authManager.GetExternalLoginInfo();
The providers in use are Google (Microsoft.Owin.Security.Google 2.1.0) and LinkedIn (from Owin.Security.Providers 1.3) and both providers causes the same problem.
Sometimes it fails once and then works again, but sometimes it just continues to fail until the AppPool is recycled.
Currently two instances of the application is hosted in IIS on the same Windows Azure virtual machine. Each instance has its own AppPool but identical setups (different subdomains). Sometimes the login stops working on one instance but still works on the other instance.
The problem has been reproduced locally as well (IIS Express - VS2013).
Anyone experienced similar problems with OWIN OpenID authentication?
Startup.Auth.cs looks like this:
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseGoogleAuthentication();
app.UseLinkedInAuthentication("clientId", "clientSecret");
}
The following OWIN nuget packages are in use:
<package id="Microsoft.AspNet.Identity.Core" version="1.0.0" targetFramework="net45" />
<package id="Microsoft.AspNet.Identity.Owin" version="1.0.0" targetFramework="net45" />
<package id="Microsoft.Owin" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Host.SystemWeb" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.ActiveDirectory" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Cookies" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Facebook" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Google" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Jwt" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.MicrosoftAccount" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.OAuth" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Twitter" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net45" />
<package id="Owin" version="1.0" targetFramework="net45" />
<package id="Owin.Security.Providers" version="1.3" targetFramework="net45" />
<package id="System.IdentityModel.Tokens.Jwt" version="3.0.2" targetFramework="net45" />
The problem occurs when ASP.NET_SessionId cookie is missing.
Setting a dummy value in session before redirecting to the OpenID provider for credentials seems to solve the problem:
[AllowAnonymous]
public ActionResult Login(string returnUrl)
{
Session["dummy"] = "dummy"; // Create ASP.NET_SessionId cookie
return View();
}
More details in this answer: http://stackoverflow.com/a/21234614/205023
这篇关于OWIN OpenID提供商 - GetExternalLoginInfo()返回null的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
