IdentityServer进入身份验证的无限循环 [英] IdentityServer gets into infinite loop of authentication
问题描述
我在IdentityServer中设置了以下客户端:
I have the following client set up in IdentityServer:
new Client
{
ClientName = "My web application",
Enabled = true,
ClientId = "mywebapp",
ClientSecrets = new List<ClientSecret>
{
new ClientSecret("somesecret")
},
Flow = Flows.Hybrid,
ClientUri = "https://app.mydomain.com",
RedirectUris = new List<string>
{
"oob://localhost/wpfclient",
"http://localhost:2672/",
"https://app.mydomain.com"
}
}
它是在线托管的,例如https://auth.mydomain.com/core
.
And it is hosted online, let's say https://auth.mydomain.com/core
.
尝试修改 MVC OWIN客户端(混合)示例客户端登录到上述身份服务器,在Startup.cs
中,我修改了ClientId
,ClientSecret
和RedirectUri
以匹配IdSrv中的客户端设置.现在,当我尝试导航到需要授权的页面时,我将重定向到IdentityServer的URL.当我登录时,断点在客户端的Startup.cs
中的AuthorizationCodeReceived
通知处命中,然后进入循环.浏览器的状态显示:
Trying to modify the MVC OWIN Client (Hybrid) sample client to log-in to the above identity server, in Startup.cs
I modified the ClientId
, ClientSecret
and RedirectUri
to match the client settings in IdSrv. Now when I try to navigate to a page that requires authorization, I am redirected to IdentityServer's URL. When I log-in, the breakpoint hits at AuthorizationCodeReceived
notification in the client's Startup.cs
and then gets into a loop. The browser's status shows:
Waiting for localhost...
Waitnig for auth.mydomain.com...
Waiting for localhost...
Waitnig for auth.mydomain.com...
...
,依此类推,并且永远不会完成登录.为什么会这样呢?请帮忙.
and so on and never finishes the log-in. Why is this happening? Please help.
谢谢!
推荐答案
最可能的原因是在重定向中混合使用了HTTP和https.请一致使用一种方案,然后在浏览器地址栏上检查该方案.
Most probably this is caused by mixing http and https in redirects. Please use one scheme consistently and check the scheme on browser address-bar.
这篇关于IdentityServer进入身份验证的无限循环的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!