在Identity Server 4.Net Core中,我的外部授权请求不支持默认的请求状态参数值长度 [英] The default requested state parameter value length is not supported for my external authorization request in identity server 4 .Net Core
本文介绍了在Identity Server 4.Net Core中,我的外部授权请求不支持默认的请求状态参数值长度的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
1. Tried to customize the state parameter with the below code
options.Events = new OpenIdConnectEvents
{
OnRedirectToIdentityProvider = (RedirectContext context) =>
{
//context.ProtocolMessage.SetParameter("CustomParameter", "Test");
//context.Properties.Items.Add(OpenIdConnectDefaults.RedirectUriForCodePropertiesKey, context.ProtocolMessage.RedirectUri);
//context.ProtocolMessage.State = context.Options.StateDataFormat.Protect(context.Properties);
context.ProtocolMessage.State = Guid.NewGuid().ToString();
context.Response.Redirect(context.ProtocolMessage.CreateAuthenticationRequestUrl());
context.HandleResponse();
return Task.CompletedTask;
}
在使用外部登录屏幕进行身份验证后出现以下错误。
2021-08-25 15:17:52.713 +00:00 [ERR] An unhandled exception has occurred while executing the request. System.Exception: An error was encountered while handling the remote login. ---> System.Exception: Unable to unprotect the message.State. --- End of inner exception stack trace --- at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at IdentityServer4.Hosting.FederatedSignOut.AuthenticationRequestHandlerWrapper.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext上下文) 在IdentityServer4.Hosting.BaseUrlMiddleware.Invoke(HttpContext环境中) 在Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.g__Awaited|6_0(ExceptionHandlerMiddleware 中间件、HttpContext上下文、任务任务)
Q1: Is there any way to customize the state parameter value? Default generated value length is my only concern.
Q2: Is it possible to set guid as status param value?
Please advise.
推荐答案
默认上下文身份验证属性由OnReDirectToIdentityProvider中的Protect方法加密,然后从身份验证成功状态,通过OnMessageReceired中的UnProtect方法解密。我们必须在稍后映射自定义GUID的数据和受保护的字符串之间来取消对身份验证属性的保护。
options.Events = new OpenIdConnectEvents
{
OnRedirectToIdentityProvider = (RedirectContext context) =>
{
//context.ProtocolMessage.SetParameter("CustomParameter", "Test");
context.Properties.Items.Add(OpenIdConnectDefaults.RedirectUriForCodePropertiesKey, context.ProtocolMessage.RedirectUri); ;
context.ProtocolMessage.State = CacheHelper.SetMemoryCache(Guid.NewGuid().ToString(), context.Options.StateDataFormat.Protect(context.Properties));
context.Response.Redirect(context.ProtocolMessage.CreateAuthenticationRequestUrl());
context.HandleResponse();
return Task.CompletedTask;
},
OnMessageReceived = (MessageReceivedContext context) =>
{
context.ProtocolMessage.State = CacheHelper.GetMemoryCache(context.ProtocolMessage.State);
context.Properties = context.Options.StateDataFormat.Unprotect(context.ProtocolMessage.State);
return Task.CompletedTask;
},
OnAuthorizationCodeReceived = (AuthorizationCodeReceivedContext context) =>
{
return Task.CompletedTask;
}
};
这篇关于在Identity Server 4.Net Core中,我的外部授权请求不支持默认的请求状态参数值长度的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
