DotNetOpenAuth中的NullReferenceException [英] NullReferenceException in DotNetOpenAuth
问题描述
我在ASP.NET MVC应用程序中查找了导致NullReferenceException的缺陷.我是否打破了这一点,还是应该打破大多数安装的DotNetOpenAuth?
I tracked down what appears to be a defect causing a NullReferenceException in my ASP.NET MVC app. Did I break this, or should this break DotNetOpenAuth for the majority of installations?
我明白了:
[NullReferenceException: Object reference not set to an instance of an object.]
DotNetOpenAuth.AspNet.OpenAuthSecurityManager.GetUsername(HttpContextBase context) +27
DotNetOpenAuth.AspNet.OpenAuthSecurityManager.RequestAuthentication(String returnUrl) +341
Controllers.LoginController.Index() +226
这是Index()方法.请注意,它当前在生产中返回 User ,在开发中返回 OK .这些显然是暂时的.注释的代码来自我在下面引用的最后一个URL,在此处我减少了自己和问题之间的代码量.但是,堆栈跟踪仍然相似.
Here's the Index() method. Note it currently returns User in production and OK in development. Those are obviously temporary. The commented code is from the last URL I referenced below, where I reduced the amount of code between me and the problem. The stack trace was still similar, though.
public virtual ActionResult Index()
{
if (HttpContext == null) return Content("HttpContext");
if (HttpContext.User == null) return Content("User");
if (HttpContext.User.Identity == null) return Content("Identity");
return Content("OK");
new OpenAuthSecurityManager(HttpContext, s_fbClient, OAuthDataProvider.Instance)
.RequestAuthentication(Url.Action(Actions.Callback()));
// OAuthWebSecurity
// .RequestAuthentication("facebook", Url.Action(Actions.Callback()));
return null;
}
出现异常是因为HttpContext.User为空. 这是DotNetOpenAuth.AspNet库源代码对于这种失败的方法.
The exception arises because HttpContext.User is null. Here's the DotNetOpenAuth.AspNet library source for that failing method.
private static string GetUsername(HttpContextBase context) {
string username = null;
if (context.User.Identity.IsAuthenticated) {
username = context.User.Identity.Name;
}
return username ?? string.Empty;
}
User显然具有从IIS集成模式可用以来就可以为空.这解释了为什么我在默认设置下运行IIS Express时为什么在开发中看不到它,但没有解释为什么我找不到有关缺陷的任何信息.集成模式于2007年发布,至今仍保持DotNetOpenAuth. Microsoft文档对设置说了这样的话:
User has apparently has been nullable ever since IIS Integrated Mode was available. This explains why I don't see it in development, as I'm running IIS Express with defaults, but it doesn't explain why I can't find any information about the defect. Integrated mode was released in 2007, and DotNetOpenAuth is still maintained. Microsoft docs say this about the setting:
经典模式:仅当 应用程序池无法在集成模式下运行.
Classic Mode: Use this mode only when the applications in the application pool cannot run in Integrated mode.
我必须丢失一些东西,因为似乎每个人都应该遇到这个问题.
I must be missing something, because it seems like everyone should have this issue.
我NuGet是否以某种方式维护了一个未维护的库?这似乎很奇怪,因为它表明它是在一周前更新的.但是,当我点击NuGet的文档链接时,到达的源代码似乎甚至没有有一个AspNet命名空间,出现了我的异常.
Have I NuGet'ed a non-maintained library somehow? It seems odd, since it shows it was just updated a week ago. But when I follow the documentation link from NuGet, the source code I arrive at doesn't seem to even have an AspNet namespace, where my exception arose.
我目前使用的唯一相关软件包是 DotNetOpenAuth.AspNet (它有8个依赖项),最近不到一个星期前发布.我也尝试过其他包.我不需要SimpleAuth或任何WebMatrix爵士乐.在解决此问题的过程中,我尝试按照 http ://techblog.dorogin.com/2013/06/Microsoft.AspNet.WebPages.OAuth.html
The only related package I use is currently DotNetOpenAuth.AspNet (and it has 8 dependencies), last published less than a week ago. I've tried other packages also. I don't need SimpleAuth or any WebMatrix jazz. In the process of resolving this, I tried switching libraries as described http://techblog.dorogin.com/2013/06/Microsoft.AspNet.WebPages.OAuth.html
记录了与此相关的缺陷,但似乎该库可能无法维护. https://github.com/DotNetOpenAuth/DotNetOpenAuth/issues/317#issuecomment- 29580565
Logged a defect related to this, but it seems this library may not be maintained. https://github.com/DotNetOpenAuth/DotNetOpenAuth/issues/317#issuecomment-29580565
