ASP.NET MVC5 OWIN Facebook验证突然不工作 [英] ASP.NET MVC5 OWIN Facebook authentication suddenly not working

问题描述

我有被使用MVC5 Web应用程序的内置通过Facebook和谷歌认证的支持。当我们建立了这个应用程式在几个月前，我们跟着这个教程：<一href=\"http://www.asp.net/mvc/tutorials/mvc-5/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on\">http://www.asp.net/mvc/tutorials/mvc-5/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on一切伟大的工作。

I've got an MVC5 Web application which is using the built-in support for authentication via Facebook and Google. When we built this app a few months ago, we followed this tutorial: http://www.asp.net/mvc/tutorials/mvc-5/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on and everything worked great.

现在，突然之间，Facebook的身份验证刚刚停止工作的产品总数。该谷歌身份验证仍然伟大工程。

Now, all of a sudden, the Facebook authentication has just stopped working alltogether. The Google authentication still works great.

问题描述：我们点击链接使用Facebook的连接，我们被重定向到Facebook的，如果我们wan't让我们对个人资料的Facebook应用程序的访问，我们提示。当我们点击确定，我们被重定向回到我们的网站，但不是被记录在我们只需在登录屏幕上结束。

Description of the problem: We click the link to connect using Facebook, we are redirected to Facebook where we are prompted if we wan't to allow our Facebook app access to our profile. When we click "OK" we are redirected back to our site, but instead of being logged in we simply end up at the login screen.

我已经通过在调试模式下这个过程中消失了，我有这个的ActionResult在我的帐户控制器根据上面提到的教程：

I've gone through this process in debug mode and I've got this ActionResult in my account controller as per the tutorial mentioned above:

// GET: /Account/ExternalLoginCallback
[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
    var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
    if (loginInfo == null)
    {
        return RedirectToAction("Login");
    }
    ............

在通过code和在从Facebook返回踏步，该LOGININFO对象始终是NULL，这将导致用户被重定向回登录。

When stepping through the code and upon returning from Facebook, the loginInfo object is always NULL, which causes the user to be redirected back to the login.

为了了解什么是真正幕后发生的事情，我安装了小提琴手和监视的HTTP流量。我disovered的是，点击后在Facebook的权限对话框中的确定按钮，Facebook的重定向回到我们这个网址的应用程序：

In order to understand what is actually happening behind the scenes, I installed Fiddler and monitored the HTTP traffic. What I disovered is that upon clicking "OK" at the Facebook permission dialog, Facebook redirects back to our application with this URL:

https://localhost/signin-facebook?code=<access-token>

这URL不是一个实际的文件，可能由内置于该OWIN框架我猜有些控制器/处理程序处理。最有可能的，它是利用给定的code查询有关这是试图登录用户信息连接回至Facebook。现在的问题是，在做这之前，我们被重定向到：

This URL is not an actual file and probably handled by some controller/handler built into this OWIN framework I'm guessing. Most likely, it is connecting back to Facebook using the given code to query information about the user which is trying to login. Now, the problem is that instead of doing that, we are redirected to:

/Account/ExternalLoginCallback?error=access_denied

我敢肯定的是Facebook的东西是干什么的，那就是，而不是给我们的用户数据，它重定向我们回到这个错误消息。

Which I'm sure is something Facebook is doing, that is, instead of giving us the user data, it's redirecting us back with this error message.

这使得 AuthenticationManager.GetExternalLoginInfoAsync（）; 失败，总是返回NULL

This causes the AuthenticationManager.GetExternalLoginInfoAsync(); to fail and always return NULL.

我完全没了主意。据我们所知，我们没有对我们的最终改变任何东西。

I'm completely out of ideas. As far as we know, we did not change anything on our end.

我试图创建一个新的Facebook应用程序，我试过了下面的教程再次但是我一直有同样的问题。

I've tried creating a new Facebook app, I've tried following the tutorial again but I always have the same problem.

任何想法表示欢迎！

更新！

OK，这是推动我疯了！现在我已经通过手动执行身份验证所需的步骤走了，一切都很正常，当我做到这一点。为什么地球上是使用MVC5 Owin东西时，这个不工作？

OK, this is driving me insane! I've now manually gone through the steps required to perform the authentication and everything works great when I do that. Why on earth is this not working when using the MVC5 Owin stuff?

这是我做过什么：

    // Step 1 - Pasted this into a browser, this returns a code
    https://www.facebook.com/dialog/oauth?response_type=code&client_id=619359858118523&redirect_uri=https%3A%2F%2Flocalhost%2Fsignin-facebook&scope=&state=u9R1m4iRI6Td4yACEgO99ETQw9NAos06bZWilJxJrXRn1rh4KEQhfuEVAq52UPnUif-lEHgayyWrsrdlW6t3ghLD8iFGX5S2iUBHotyTqCCQ9lx2Nl091pHPIw1N0JV23sc4wYfOs2YU5smyw9MGhcEuinvTAEql2QhBowR62FfU6PY4lA6m8pD3odI5MwBYOMor3eMLu2qnpEk0GekbtTVWgQnKnH6t1UcC6KcNXYY

I was redirected back to localhost (which I had shut down at this point to avoid being redirected immediately away).  The URL I was redirected to is this:

https://localhost/signin-facebook?code=<code-received-removed-for-obvious-reasons>

Now, I grabbed the code I got and used it in the URL below:

// Step 2 - opened this URL in a browser, and successfully retrieved an access token
https://graph.facebook.com/oauth/access_token?client_id=619359858118523&redirect_uri=https://localhost/signin-facebook&client_secret=<client-secret>&code=<code-from-step-1>

// Step 3 - Now I'm able to query the facebook graph using the access token from step 2!

https://graph.facebook.com/me?access_token=<access-token-from-step-2>

没有错误，一切都很正常！那么，为什么这到底是使用MVC5 Owin东西时，这个不工作？有一些明显错误的OWin实施。

No errors, everything works great! Then why the hell is this not working when using the MVC5 Owin stuff? There's obviously something wrong with the OWin implementation.

推荐答案

好，我得到了一个解决问题的办法。

Ok I've got a solution to the problem.

这是code我有pviously $ P $在我Startup.Auth.cs文件：

This is the code I had previously in my Startup.Auth.cs file:

var x = new FacebookAuthenticationOptions();
            //x.Scope.Add("email");
            x.AppId = "1442725269277224";
            x.AppSecret = "<secret>";
            x.Provider = new FacebookAuthenticationProvider()
            {
                OnAuthenticated = async context =>
                {
                        //Get the access token from FB and store it in the database and
                    //use FacebookC# SDK to get more information about the user
                    context.Identity.AddClaim(new System.Security.Claims.Claim("FacebookAccessToken",context.AccessToken));
                    context.Identity.AddClaim(new System.Security.Claims.Claim("urn:facebook:name", context.Name));
                    context.Identity.AddClaim(new System.Security.Claims.Claim("urn:facebook:email", context.Email));
                }
            };
            x.SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie;
            app.UseFacebookAuthentication(x);

请注意

x.Scope.Add("email")

行已被注释掉，但我依然在OnAuthenticated处理查询ING的电子邮件以后呢？是啊，这是正确的。出于某种原因，这个完美工作了几个星期。

line has been commented out, but still I'm query-ing for the e-mail later in the OnAuthenticated handler? Yup, that's right. For some reason this worked flawlessly for a few weeks.

我的解决办法是简单地取消对x.Scope.Add（电子邮件）;线，以确保范围=电子邮件变量是present在初始请求到Facebook。

My solution was to simply uncomment the x.Scope.Add("email"); line to make sure that the scope=email variable was present in the initial request to Facebook.

现在一切都如同它做到了！

Now everything works like it did!

我不明白为什么喜欢它是这样工作过。我能想出的唯一解释是，Facebook的改变了他们的最终的东西。

I cannot understand why this worked before like it was. The only explanation I can come up with is that Facebook changed something on their end.

这篇关于ASP.NET MVC5 OWIN Facebook验证突然不工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！