Logging in to a .NET Core 3 application with Auth0 from Postman



I have a .NET application with login set up through Auth0 (it works fine with user interaction), but I want to log in from a script without user interaction, and that does not work. Basically, I want to run a LogicApp or some script at night with a hard-coded user/password that accesses a page in my application.

I have tried Azure LogicApps and Postman, with the same result. I am trying to access a page in my application by passing the user/password as Basic authentication. I get a few redirects and end up back at the login page. Auth0 does not show any logs, so I think the authentication never reaches Auth0.

Obs1: I am sure this setup was working about 6 months ago; only recently did I realize it had stopped working, possibly because of a change on Auth0's side or because of the migration from .NET Core 2.1 to 3.

Obs2: I also started testing login with a Bearer token, but that would mean too many changes in the code, so I want to keep it as a last resort.

Startup.cs snippet

using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

// ConfigureServices in Startup.cs
public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(options =>
    {
        options.CheckConsentNeeded = context => true;
        options.MinimumSameSitePolicy = SameSiteMode.None;
        options.Secure = CookieSecurePolicy.Always;
    });

    // Add authentication services: cookies are the default scheme for
    // authenticate/sign-in/challenge, OpenID Connect ("Auth0") is the remote scheme
    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    })
    .AddCookie()
    .AddOpenIdConnect("Auth0", options =>
    {
        // Set the authority to your Auth0 domain
        options.Authority = "https://login.myapp.net";
        // Configure the Auth0 Client ID and Client Secret
        options.ClientId = "*********";
        options.ClientSecret = "****************";
        // Set response type to code
        options.ResponseType = "code";
        // Configure the scope
        options.Scope.Clear();
        options.Scope.Add("openid");
        options.Scope.Add("profile");
        options.Scope.Add("email");
        // Set the correct name claim type
        options.TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = "name",
            RoleClaimType = "https://schemas.myapp.net"
        };
        // Set the callback path
        options.CallbackPath = new PathString("/callback");
        // Configure the Claims Issuer
        options.ClaimsIssuer = "Auth0";
    });
}

Postman result (3 redirects and then the sign-in page):

GET https://myapp.net/  
302
GET https://myapp.net/Account%2FLogin
302
GET https://login.myapp.net/authorize?client_id=****************&redirect_uri=https%3A%2F%2Fapp.myapp.net%2Fcallback&response_type=code&scope=openid%20profile%20email&code_challenge=***********&code_challenge_method=S256&response_mode=form_post&nonce=*****&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0
302
GET https://login.myapp.net/login?state=***********&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.myapp.net%2Fcallback&response_type=code&scope=openid%20profile%20email&code_challenge=*********&code_challenge_method=S256&response_mode=form_post&nonce=*************&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0
200 (197 ms)
Request Headers
Authorization: Basic **********
User-Agent: PostmanRuntime/7.22.0
Accept: */*
Cache-Control: no-cache
Postman-Token: **************
Accept-Encoding: gzip, deflate, br
Cookie: did=*********; auth0_compat=***********
Referer: https://login.myapp.net/authorize?client_id=***************&redirect_uri=https%3A%2F%2Fapp.myapp.net%2Fcallback&response_type=code&scope=openid%20profile%20email&code_challenge=***********&code_challenge_method=S256&response_mode=form_post&nonce=******&state=*************&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0
Connection: keep-alive
Response Headers
Server: nginx
Date: Wed, 11 Mar 2020 04:18:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ot-tracer-spanid: 6ed01af3e
ot-tracer-traceid: 3d5f35a407
ot-tracer-sampled: true
X-Auth0-RequestId: 655374d6432978
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1583900310
set-cookie: _csrf=eML8VgsIOn-ONcU0u3TeTx7U; Max-Age=864000; Path=/usernamepassword/login; HttpOnly; Secure
X-Robots-Tag: noindex, nofollow
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
ETag: W/"a6e-Dn+oh0+jgssgYbnM4PE"
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
Response Body
[sign in page]

See the docs: Implement the Resource Owner Password Grant

After configuring the application in the portal, you can send a POST request directly to Auth0's token endpoint with the proper parameters (grant_type/client_id/client_secret/username/password and scope), and the token endpoint will return an access token that can be used to access protected resources:

using RestSharp;

// RestSharp (v106-style API): POST the password grant to Auth0's token endpoint.
// Replace YOUR_DOMAIN, YOUR_API_IDENTIFIER, YOUR_CLIENT_ID and YOUR_CLIENT_SECRET
// with your tenant's values; username/password are the user's credentials
// (values are URL-encoded in the body, e.g. %40 for '@' and %3A for ':').
var client = new RestClient("https://YOUR_DOMAIN/oauth/token");
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/x-www-form-urlencoded");
request.AddParameter("application/x-www-form-urlencoded",
    "grant_type=password&username=user%40example.com&password=pwd&audience=YOUR_API_IDENTIFIER&scope=read%3Asample&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET",
    ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
// response.Content is JSON with access_token, token_type and expires_in,
// or error/error_description if the grant was rejected.

You can test this with Fiddler or Postman.
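As an added example (not code from the question, the answer or Auth0's documentation), here is the same Resource Owner Password exchange written with HttpClient and System.Text.Json, both available in .NET Core 3 without extra packages: it posts the grant, parses the token response including Auth0's error shape, and then calls a protected resource with `Authorization: Bearer`. The environment-variable names, tenant domain, audience and protected URL are assumptions. Two caveats a practitioner will hit: the Password grant type has to be enabled for the application in the Auth0 Dashboard (Applications > Advanced Settings > Grant Types) and the tenant's Default Directory must point at the database connection that holds the user; and the token is only useful against a resource that validates Auth0-issued JWTs. The cookie/OpenID Connect setup in the question's Startup.cs never inspects an Authorization header, which is also why the Basic credentials in the Postman trace were ignored and the request was bounced through /authorize to the login page.

```csharp
// Added example (not from the original question or answer): Resource Owner Password Grant
// against Auth0's /oauth/token with HttpClient, then a call to a protected resource using
// the returned access token. Tenant domain, credentials, audience and the resource URL are
// read from environment variables and are assumptions, not values from the post.
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text.Json;
using System.Threading.Tasks;

public sealed class TokenResponse
{
    public string AccessToken { get; set; }
    public string TokenType { get; set; }
    public int ExpiresIn { get; set; }
}

public static class Auth0PasswordGrant
{
    // Form body for grant_type=password. FormUrlEncodedContent does the URL-encoding,
    // so '@' in the username or ':' in a scope need no manual escaping.
    public static FormUrlEncodedContent BuildTokenRequest(
        string clientId, string clientSecret, string username, string password,
        string audience, string scope)
    {
        return new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"]    = "password",
            ["username"]      = username,
            ["password"]      = password,
            ["audience"]      = audience,
            ["scope"]         = scope,
            ["client_id"]     = clientId,
            ["client_secret"] = clientSecret,
        });
    }

    // Parses the token endpoint's JSON. On failure Auth0 returns {"error":..., "error_description":...}
    // (e.g. "unauthorized_client" when the Password grant type is not enabled for the application).
    public static TokenResponse ParseTokenResponse(string json)
    {
        using var doc = JsonDocument.Parse(json);
        var root = doc.RootElement;

        if (root.TryGetProperty("error", out var error))
        {
            var description = root.TryGetProperty("error_description", out var d) ? d.GetString() : "";
            throw new InvalidOperationException($"token endpoint error: {error.GetString()} {description}");
        }

        var token = new TokenResponse
        {
            AccessToken = root.GetProperty("access_token").GetString(),
            TokenType   = root.GetProperty("token_type").GetString(),
            ExpiresIn   = root.GetProperty("expires_in").GetInt32(),
        };

        // Only a bearer token can be placed in the Authorization header as-is.
        if (!string.Equals(token.TokenType, "Bearer", StringComparison.OrdinalIgnoreCase))
            throw new InvalidOperationException($"unexpected token_type: {token.TokenType}");

        return token;
    }

    public static async Task Main()
    {
        // Keep the credentials out of source control: the scheduled job supplies them via environment.
        string Env(string name) => Environment.GetEnvironmentVariable(name)
            ?? throw new InvalidOperationException($"missing environment variable {name}");

        var domain   = Env("AUTH0_DOMAIN");    // e.g. your-tenant.auth0.com (assumption)
        var audience = Env("AUTH0_AUDIENCE");  // API identifier registered in Auth0 (assumption)
        var resource = Env("PROTECTED_URL");   // a page/API that validates Auth0 JWTs (assumption)

        using var http = new HttpClient();

        using var tokenResponse = await http.PostAsync(
            $"https://{domain}/oauth/token",
            BuildTokenRequest(Env("AUTH0_CLIENT_ID"), Env("AUTH0_CLIENT_SECRET"),
                              Env("AUTH0_USERNAME"), Env("AUTH0_PASSWORD"),
                              audience, "openid profile email"));
        var token = ParseTokenResponse(await tokenResponse.Content.ReadAsStringAsync());
        Console.WriteLine($"got {token.TokenType} token, expires in {token.ExpiresIn}s");

        // Use the token: Authorization: Bearer <access_token>; no browser, no cookies, no redirects.
        using var request = new HttpRequestMessage(HttpMethod.Get, resource);
        request.Headers.Authorization = new AuthenticationHeaderValue(token.TokenType, token.AccessToken);
        using var response = await http.SendAsync(request);
        Console.WriteLine($"{(int)response.StatusCode} {response.ReasonPhrase}");
    }
}
```

ParseTokenResponse is kept separate from the HTTP call so the same JSON that Postman or Fiddler shows can be fed to it directly when debugging a rejected grant; the error branch surfaces Auth0's error_description instead of failing later with a missing access_token.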
