小贝子编程

在用户登录应用程序后集成授权(例如:脸书)



在我的应用程序中,用户将登录到应用程序,然后授权Facebook(通过单击安全区域中的按钮(以允许应用程序获取Facebook帖子等。但是,应用程序始终将用户重定向到登录屏幕。我相信这与使用 CheckConsentNeed= true 配置 CookiePolicyOptions 的应用程序有关,但将其设置为 false 无济于事。我错过了什么?

用户登录后的页面: 

<form asp-area="Identity" asp-page="/Account/ExternalLogin" asp-route-returnUrl="@Model.ReturnUrl" method="post">                         
<div class="row">
<div class="col-md-6">
<div class="form-group">
<button type="submit" class="btn btn-sm btn-facebook btn-icon-label" value="Facebook">
<span class="btn-inner--icon">
<i class="fab fa-facebook"></i>
</span>
</button>
</div>
</div>

Identity/Account/ExternalLogin.cshtml.cs

[AllowAnonymous]
    public class ExternalLoginModel : PageModel
    {            
        public IActionResult OnPost(string provider, string returnUrl = null)
        {
          var redirectUrl = Url.Page("./ExternalLogin", pageHandler: "Callback", values: new { returnUrl });
          var authenticationProperties = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
          return new ChallengeResult(provider, authenticationProperties);
        }

启动.cs:

public class Startup
  {
    public void ConfigureServices(IServiceCollection services)
    {
      services.Configure<CookiePolicyOptions>(options =>
      {
        options.CheckConsentNeeded = context => true;<= I believe that this could be one of the issues
        options.MinimumSameSitePolicy = SameSiteMode.None;
      });
      services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("SQLServerConnectionString")));
      services.AddIdentity<ApplicationUser, IdentityRole>(config =>
      {
        config.SignIn.RequireConfirmedEmail = true;
      })
      .AddEntityFrameworkStores<ApplicationDbContext>()
      .AddDefaultTokenProviders();
      services
        .AddAuthentication(
        )
        .AddCookie()
      .AddFacebook(facebookOptions =>
      {
        facebookOptions.AppId = Configuration["FacebookAuthSettings:AppId"];
        facebookOptions.AppSecret = Configuration["FacebookAuthSettings:AppSecret"];
        facebookOptions.SaveTokens = true;
        facebookOptions.Events.OnCreatingTicket = oAuthCreatingTicketContext =>
        {
          var authenticationTokens = oAuthCreatingTicketContext.Properties.GetTokens().ToList();
          var authenticationToken = new AuthenticationToken()
          {
            Name = "TicketCreated",
            Value = DateTime.UtcNow.ToString()
          };
          authenticationTokens.Add(authenticationToken);
          oAuthCreatingTicketContext.Properties.StoreTokens(authenticationTokens);
          return Task.CompletedTask;
        };
      }); 
      services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2).
          AddRazorPagesOptions(options =>
      {
        options.AllowAreas = true;
        options.Conventions.AuthorizeAreaFolder("Identity", "/Account/Manage");
        options.Conventions.AuthorizeAreaPage("Identity", "/Account/Logout");
      });
      services.ConfigureApplicationCookie(options =>
      {
          options.LoginPath = $"/Identity/Account/Login";
          options.LogoutPath = $"/Identity/Account/Logout";
          options.AccessDeniedPath = $"/Identity/Account/AccessDenied";
      });
      services.AddAntiforgery(o => o.HeaderName = "XSRF-TOKEN");    
      services.AddMvc().AddJsonOptions(options =>
      {
        options.SerializerSettings.ContractResolver = new Newtonsoft.Json.Serialization.DefaultContractResolver();
      });
      //enforce HTTPS globally in the app. 
      services.Configure<MvcOptions>(mvcOptions =>
      {
        mvcOptions.Filters.Add(new RequireHttpsAttribute());
      });
    }
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
      if (env.IsDevelopment())
      {
          app.UseDeveloperExceptionPage();
          app.UseDatabaseErrorPage();
      }
      else
      {
          app.UseExceptionHandler("/Error");
          // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
          app.UseHsts();
      }
      app.UseHttpsRedirection();
      app.UseStaticFiles();
      app.UseCookiePolicy();
      app.UseAuthentication();
      app.UseMvc();
    }
  }

不知何故,我总是能够在发布到stackoverflow后立即找出答案。 @KirkLarkin是对的,我需要在我的Facebook按钮中指定name="provider"。 

<form asp-area="Identity" asp-page="/Account/ExternalLogin" asp-route-returnUrl="@Model.ReturnUrl" method="post">                         
<div class="row">
<div class="col-md-6">
<div class="form-group">
<button type="submit" name="provider" value="Facebook">
<span class="btn-inner--icon">
<i class="fab fa-facebook"></i>
</span>
</button>
</div>
</div>

相关内容

  • 没有找到相关文章

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium