GoogleOauth2问题获取内部服务器错误500 [英] GoogleOauth2 Issue Getting Internal Server 500 error
问题描述
我决定放弃新的谷歌的oauth2中间件一个尝试,它有pretty多破一切。下面是从startup.auth.cs。当打开时,所有的供应商,包括谷歌提供商获得挑战赛500内部服务器我的供应商配置。然而,内部服务器错误的细节不详,我无法弄清楚如何打开任何调试或跟踪的武士刀中间件。在我看来,像他们在匆忙得到谷歌的Oauth中间件出了门。
//// GOOGLE
VAR googleOptions =新GoogleOAuth2AuthenticationOptions
{
客户端Id =228
ClientSecret =K,
CallbackPath =新PathString(/用户/ epsignin)
SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
供应商=新GoogleOAuth2AuthenticationProvider
{
OnAuthenticated =背景=>
{
的foreach(在context.User VAR X)
{
字符串claimType =的String.Format(瓮:谷歌:{0},x.Key);
字符串claimValue = x.Value.ToString();
如果(!context.Identity.HasClaim(claimType,claimValue))
context.Identity.AddClaim(新索赔(claimType,claimValue,XmlSchemaString,谷歌));
}
返回Task.FromResult(0);
}
}
}; app.UseGoogleAuthentication(googleOptions);
ActionMethod code:
[使用AllowAnonymous]
公众的ActionResult ExternalProviderSignIn(字符串提供商,串RETURNURL)
{
VAR CTX = Request.GetOwinContext();
ctx.Authentication.Challenge(
新AuthenticationProperties
{
RedirectUri = Url.Action(EPSignIn,新的{}提供商)
},
供应商);
返回新HttpUnauthorizedResult();
}
这花了我小时才能弄清楚,但问题是 CallbackPath 由@提到的疯狂codeR。我意识到 CallbackPath 在公共无效ConfigureAuth(IAppBuilder应用) 必须是不同的当它在 ChallengeResult 被设置。如果它们是相同的500错误抛出OWIN。
我的code是 ConfigureAuth(IAppBuilder应用)是
VAR googleOptions =新Microsoft.Owin.Security.Google.GoogleOAuth2AuthenticationOptions
{
客户端Id =XXX,
ClientSecret =YYY,
CallbackPath =新PathString(/回调/谷歌),//这是从来没有通过所谓的MVC,但需要在您的OAuth提供者进行登记 供应商=新GoogleOAuth2AuthenticationProvider
{
OnAuthenticated =(上下文)=>
{
context.Identity.AddClaim(新索赔(图片,context.User.GetValue(图片)的ToString()));
context.Identity.AddClaim(新索赔(配置文件,context.User.GetValue(档案)的ToString()));
返回Task.FromResult(0);
}
}
};googleOptions.Scope.Add(电子邮件);app.UseGoogleAuthentication(googleOptions);
我的'回调'控制器code是:
// GET:/回调/ googlereturn - 回调动作
[使用AllowAnonymous]
公共异步任务<&的ActionResult GT; googlereturn()
{
返回查看();
}// POST:/帐号/ GOOGLEPLUS
公众的ActionResult GOOGLEPLUS()
{
返回新ChallengeResult(谷歌,Request.Url.GetLeftPart(UriPartial.Authority)+/回调/ googlereturn,NULL);
//必须是一个动作,将处理OAuth提供回调的路径
}私有类ChallengeResult:HttpUnauthorizedResult
{
公共ChallengeResult(字符串提供商,串redirectUri)
:这个(供应商,redirectUri,NULL)
{
} 公共ChallengeResult(字符串提供商,串redirectUri,字符串userid)
{
LoginProvider =供应商;
RedirectUri = redirectUri;
用户ID =用户id;
} 公共字符串LoginProvider {搞定;组; }
公共字符串RedirectUri {搞定;组; }
公共字符串userid {搞定;组; } 公共覆盖无效的ExecuteReuslt(ControllerContext上下文)
{
VAR性能=新AuthenticationProperties(){RedirectUri = RedirectUri};
如果(用户ID!= NULL)
{
properties.Dictionary [XsrfKey] =用户ID;
}
。context.HttpContext.GetOwinContext()Authentication.Challenge(属性,LoginProvider);
}
}
- 回调/谷歌似乎由OWIN来处理
- 回调/ googlereturn似乎通过MVC来处理
这是现在所有的工作,虽然很想知道到底是什么
引擎盖下发生我的建议是,除非你有另外一个要求,就是让OWIN使用默认重定向路径,并确保你不要自己使用它们。
I decided to give the new Google Oauth2 middleware a try and it has pretty much broken everything. Here is my provider config from startup.auth.cs.. When turned on, all of the providers including the google provider get a 500 internal server on Challenge. However the details of the internal server error are not available and I cant figure out how to turn on any debugging or tracing for the Katana middleware. Seems to me like they were in a rush to get the google Oauth middleware out the door.
//// GOOGLE
var googleOptions = new GoogleOAuth2AuthenticationOptions
{
ClientId = "228",
ClientSecret = "k",
CallbackPath = new PathString("/users/epsignin")
SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
Provider = new GoogleOAuth2AuthenticationProvider
{
OnAuthenticated = context =>
{
foreach (var x in context.User)
{
string claimType = string.Format("urn:google:{0}", x.Key);
string claimValue = x.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new Claim(claimType, claimValue, XmlSchemaString, "Google"));
}
return Task.FromResult(0);
}
}
};
app.UseGoogleAuthentication(googleOptions);
ActionMethod Code:
[AllowAnonymous]
public ActionResult ExternalProviderSignIn(string provider, string returnUrl)
{
var ctx = Request.GetOwinContext();
ctx.Authentication.Challenge(
new AuthenticationProperties
{
RedirectUri = Url.Action("EPSignIn", new { provider })
},
provider);
return new HttpUnauthorizedResult();
}
This took me hours to figure out, but the issue is the CallbackPath as mentioned by @CrazyCoder. I realised that the CallbackPath in public void ConfigureAuth(IAppBuilder app) MUST be different to when it is being set in the ChallengeResult. If they are the same a 500 error is thrown in OWIN.
My code is for ConfigureAuth(IAppBuilder app) is
var googleOptions = new Microsoft.Owin.Security.Google.GoogleOAuth2AuthenticationOptions
{
ClientId = "xxx",
ClientSecret = "yyy",
CallbackPath = new PathString("/callbacks/google"), //this is never called by MVC, but needs to be registered at your oAuth provider
Provider = new GoogleOAuth2AuthenticationProvider
{
OnAuthenticated = (context) =>
{
context.Identity.AddClaim(new Claim("picture", context.User.GetValue("picture").ToString()));
context.Identity.AddClaim(new Claim("profile", context.User.GetValue("profile").ToString()));
return Task.FromResult(0);
}
}
};
googleOptions.Scope.Add("email");
app.UseGoogleAuthentication(googleOptions);
My 'callbacks' Controller code is:
// GET: /callbacks/googlereturn - callback Action
[AllowAnonymous]
public async Task<ActionResult> googlereturn()
{
return View();
}
//POST: /Account/GooglePlus
public ActionResult GooglePlus()
{
return new ChallengeResult("Google", Request.Url.GetLeftPart(UriPartial.Authority) + "/callbacks/googlereturn", null);
//Needs to be a path to an Action that will handle the oAuth Provider callback
}
private class ChallengeResult : HttpUnauthorizedResult
{
public ChallengeResult(string provider, string redirectUri)
: this(provider, redirectUri, null)
{
}
public ChallengeResult(string provider, string redirectUri, string userId)
{
LoginProvider = provider;
RedirectUri = redirectUri;
UserId = userId;
}
public string LoginProvider { get; set; }
public string RedirectUri { get; set; }
public string UserId { get; set; }
public override void ExecuteResult(ControllerContext context)
{
var properties = new AuthenticationProperties() { RedirectUri = RedirectUri };
if (UserId != null)
{
properties.Dictionary[XsrfKey] = UserId;
}
context.HttpContext.GetOwinContext().Authentication.Challenge(properties, LoginProvider);
}
}
- callbacks/google seems to handled by OWIN
- callbacks/googlereturn seems to handled by MVC
It is all working now, although would love to know exactly what is happening 'under the bonnet'
My advice, unless you have another requirement, is to let OWIN use default redirect paths and make sure you don't use them yourself.
这篇关于GoogleOauth2问题获取内部服务器错误500的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
