将我的注册页面中的第三方登录与IdentityServer4和Angular 6集成-“在存储中找不到匹配状态" [英] Integrate third party login in from my registration page with IdentityServer4 and Angular 6 - 'No matching state found in storage'

问题描述

我正在尝试在注册页面中实现第三方身份验证，但无法使其与IdentityServer4一起使用.由于oidc客户端正在启动登录请求，因此我可以在登录页面中使用它.但是，oidc客户端无法识别到我的注册页面的请求，因此当我发回认证令牌时，它无法识别状态并抛出异常:在存储中找不到匹配的状态".

I'm trying to implement a third-party auth in my sign up page, but I can't get it to work with IdentityServer4. I have it working in my login page since the oidc client is initiating the login request. However the oidc client is not aware of a request to my registration page, so when I send an auth token back, it doesn't recognize the state and throws an exception: 'No matching state found in storage'.

我知道IdentityServer4不正式支持用户注册.我已经使用ASP.Net Identity进行了注册设置，但是能够在我的注册页面上通过[第三方提供商]添加注册非常好.有什么办法可以解决这个问题?我可以手动设置状态并将注册请求发送给我的身份提供者吗?这样，如果用户选择登录，则oidc客户端将具有有效状态.还有其他办法吗?谢谢.

I know IdentityServer4 does not officially support user registration. I've got registration set up with ASP.Net Identity, but it would be nice to be able to add a Sign Up with [Third party provider] on my registration page. Is there any way that I can get around this? Can I set the state manually and send the registration request to my identity provider? That way, if the user chooses to log in instead, then the oidc client will have a valid state. Is there any other way? Thanks.

推荐答案

我终于找到了解决此问题的方法.正如我在回答中所说，oidc客户端在本地存储中维护状态信息，以便它可以验证它是否从预期的服务器获得了响应.您可以通过生成一个安全的随机字符串并将其保存在localStorage中来模拟这一点.在将请求发送到身份验证服务器以注册新用户之前，请执行此操作.代码如下:

I finally found a solution to this problem. As I stated in my answer, the oidc client maintains state information in the local storage so that it can verify that it got the response back from the intended server. You can mimic this by generating a secure random string and saving it in localStorage. Do this before sending a request to your auth server to register a new user. The code looks like this:

    const nonce = this.generateUniqueString();
    const state = this.generateUniqueString();
    const date = new Date();

    const query = `${otherQueryOptions}&state=${state}&nonce=${nonce}`;

    const authSessionData = {
        authority: auth_server_url,
        client_id: client_id,
        created: date.getTime(),
        id: state,
        nonce: nonce,
        redirect_uri: `your/return.url`
    }

    // You must prefix the key with 'oidc'
    localStorage.setItem(`oidc.${authSessionData.id}`, JSON.stringify(authSessionData));
    const registrationPath = `myServerRegistrationPath?${query}`

    navigateToPage(registrationPath);

那为我解决了这个问题.

That fixed the problem for me.

这篇关于将我的注册页面中的第三方登录与IdentityServer4和Angular 6集成-“在存储中找不到匹配状态"的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！