ASPNET Core OIDC关联失败 [英] ASPNET Core OIDC Correlation Failed

问题描述

我已经在StackOverflow上看到了很多类似的问题，但是没有一个解决方案对我有用.

I have looked at a bunch of similar issues on StackOverflow similar to this but none of the solutions have worked for me.

这个问题使我发疯！

与许多类似服务器的主要区别在于，负载均衡器后面只有一台服务器，因此问题不在于我的请求将发送到其他服务器.我已经实现了数据保护中间件，更改了我的回调路径，试图捕获错误事件，添加了状态数据缓存，等等.我不知道我在想什么.

The main difference I have from many of the similar ones here is that I have only ONE server behind the load balancer, so the issue is not that my requests are going to different servers. I have implemented Data Protection middleware, changed my callback path, tried to capture error events, added a cache for state data, etc. Nothing has solved this. I don't know what I am missing.

如果有人能为我提供一些见解，我将不胜感激.

If anyone can provide me some insight on this, I would greatly appreciate it.

services.AddAuthentication(options =>
            {
                options.DefaultScheme = "Cookies";
                options.DefaultChallengeScheme = "oidc";
            })
            .AddCookie("Cookies")
            .AddOpenIdConnect("oidc", options =>
            {
                options.SignInScheme = "Cookies";
                options.ClientId = Configuration["IdServerClientId"];
                options.ClientSecret = Configuration["IdServerClientSecret"];
                options.Authority = Configuration["IdServerBaseUri"];
                options.CallbackPath = "/sign-in-oidc2";
                options.RequireHttpsMetadata = false;
                options.ResponseType = "code id_token";
                options.SaveTokens = true;
                options.TokenValidationParameters = new TokenValidationParameters()
                {
                    NameClaimType = "name"
                };
                options.Scope.Add("openid");
                options.Scope.Add("profile");
                options.Scope.Add("email");
                options.Events = new OpenIdConnectEvents()
                {
                    //OnRedirectToIdentityProvider = OnRedirectToProvider,
                    OnRemoteFailure = OnRemoteFailure,
                    OnAuthenticationFailed = OnAuthenticationFailed
                };
            });

        services.AddOidcStateDataFormatterCache("foo");

        services.AddDataProtection()
            .PersistKeysToFileSystem(new DirectoryInfo(Configuration["KeyPersistenceLocation"]));

推荐答案

如果其他人遇到此问题，请在这里找到答案:

Found the answer here if anyone else encounters this:

https://docs.microsoft.com/zh-cn/aspnet/core/host-and-deploy /proxy-load-balancer?view=aspnetcore-2.1#，如果无法添加转发的标头和所有请求都是安全的

在启动时的Configure方法中，需要添加它以处理http/https冲突.

In the Configure method on Startup, need to add this for handling http/https conflicts.

app.Use((context, next) =>
{
    context.Request.Scheme = "https";
    return next();
});

这篇关于ASPNET Core OIDC关联失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！