间歇ASP.NET OAuth的问题与谷歌,AuthenticationManager.GetExternalIdentityAsync则返回null [英] Intermittent ASP.NET oAuth issue with Google, AuthenticationManager.GetExternalIdentityAsync is returning null
问题描述
我想使用谷歌作为一个外部登录提供程序时解决一个间歇性问题。
I am trying to fix an intermittent issue when using Google as an external login provider.
在尝试登录,用户被重定向到登录页面,而不是被认证。
When attempting to login, the user is redirected back to the login page rather than being authenticated.
在这条线(以下链接的55行),GetExternalIdentityAsync返回null出现问题。
The problem occurs on this line (line 55 of link below), GetExternalIdentityAsync returns null.
var externalIdentity = await AuthenticationManager.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);
满code是:
[Authorize]
public abstract class GoogleAccountController<TUser> : Controller where TUser : Microsoft.AspNet.Identity.IUser
{
public IAuthenticationManager AuthenticationManager
{
get
{
return HttpContext.GetOwinContext().Authentication;
}
}
public abstract UserManager<TUser> UserManager { get; set; }
[AllowAnonymous]
[HttpGet]
[Route("login")]
public ActionResult Login(string returnUrl)
{
ViewData.Model = new LoginModel()
{
Message = TempData["message"] as string,
Providers = HttpContext.GetOwinContext().Authentication.GetExternalAuthenticationTypes(),
ReturnUrl = returnUrl
};
return View();
}
[AllowAnonymous]
[HttpPost]
[ValidateAntiForgeryToken]
[Route("login")]
public ActionResult Login(string provider, string returnUrl)
{
return new ChallengeResult(provider, Url.Action("Callback", "Account", new { ReturnUrl = returnUrl }));
}
[AllowAnonymous]
[Route("authenticate")]
public async Task<ActionResult> Callback(string returnUrl)
{
var externalIdentity = await AuthenticationManager.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);
if (externalIdentity == null)
{
return RedirectToAction("Login", new { ReturnUrl = returnUrl });
}
var emailAddress = externalIdentity.FindFirstValue(ClaimTypes.Email);
var user = await UserManager.FindByNameAsync(emailAddress);
if (user != null)
{
await SignInAsync(user, false);
return RedirectToLocal(returnUrl);
}
else
{
TempData.Add("message", string.Format("The account {0} is not approved.", emailAddress));
return RedirectToAction("Login", new { ReturnUrl = returnUrl });
}
}
[HttpPost]
[ValidateAntiForgeryToken]
[Route("logout")]
public ActionResult Logout(string returnUrl)
{
AuthenticationManager.SignOut();
return RedirectToLocal(returnUrl);
}
private async Task SignInAsync(TUser user, bool isPersistent)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
var authenticationProperties = new AuthenticationProperties()
{
IsPersistent = isPersistent
};
AuthenticationManager.SignIn(authenticationProperties, identity);
}
private ActionResult RedirectToLocal(string returnUrl)
{
if (Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
protected override void Dispose(bool disposing)
{
if (disposing && UserManager != null)
{
UserManager.Dispose();
UserManager = null;
}
base.Dispose(disposing);
}
}
这也是<一个href=\"https://github.com/andybooth/instatus/blob/master/Instatus.Server/GoogleAccountController.cs\">here.
这是非常多的间歇性问题,并重新部署应用程序往往会得到它暂时无法工作。
This is very much an intermittent problem, and redeploying the app will often get it to work temporarily.
展望小提琴手,我可以看到一个调用,以登录谷歌刚刚previous在其中无法找到该cookie在认证方法。
Looking in Fiddler I can see a call is made to sign-google just previous to the authenticate method in which it can't find the cookie.
应用程序使用以下code初始化谷歌登录
The app uses the following code to initialize the google login
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/login")
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseGoogleAuthentication();
我已经设置了验证模式,以非在web.config,并删除了窗体身份验证模块。
I have set the authentication mode to non in the web.config, and removed the forms authentication module.
<system.web>
<authentication mode="None" />
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true">
<remove name="FormsAuthenticationModule" />
</modules>
</system.webServer>
该网站托管在Azure上,1比如有的跑步,有的2。
他们有自定义域,但在两个自定义域和azurewebsites域,HTTP / HTTPS还是失败。
The sites are hosted on Azure, some running on 1 instance, some 2. They have custom domains, although still fail on both custom domain and azurewebsites domain, and http / https.
任何人都可以用,为什么这可能发生的帮助吗?
Can anyone help with why this might be happening?
更新
Microsoft.Owin.Security.Google 3.0版本昨晚公布。要切换,看看是否能解决此问题。
Version 3.0 of Microsoft.Owin.Security.Google was released last night. Going to switch over and see if this fixes the issue.
<一个href=\"https://www.nuget.org/packages/Microsoft.Owin.Security.Google\">https://www.nuget.org/packages/Microsoft.Owin.Security.Google
推荐答案
我忘了让谷歌+ API的谷歌开发者控制台。谷歌登录似乎都很正常,但GetExternalLoginInfoAsync返回null。
I forgot to enable "Google + API" in the google developer console. Google login appears to be fine, but GetExternalLoginInfoAsync returns null.
您可以点击此链接
http://stackoverflow.com/a/27631109/657926
这篇关于间歇ASP.NET OAuth的问题与谷歌,AuthenticationManager.GetExternalIdentityAsync则返回null的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
