我通过ASP.NET OWIN Identity使用Azure Active Directory登录进行身份验证。
我有一个负载均衡器,它正在进行SSL卸载,所以我的服务器本身运行http协议,而不是https协议,但负载均衡器是SSL。
我得到这个错误:
[WebException: The remote server returned an error: (400) Bad Request.]
System.Net.HttpWebRequest.GetResponse() +1686
Microsoft.IdentityModel.Clients.ActiveDirectory.<GetResponseSyncOrAsync>d__2.MoveNext() +392
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.IdentityModel.Clients.ActiveDirectory.<SendPostRequestAndDeserializeJsonResponseAsync>d__0`1.MoveNext() +512
[AdalServiceException: AADSTS70002: Error validating credentials. AADSTS50011: The reply address 'http://intx.mydomain.com/default' does not match the reply address 'https://intx.mydomain.com/default' provided when requesting Authorization code.
Trace ID: d5861c62-9d42-4f2b-886a-06cc63b01f00
Correlation ID: f77d0d3e-9dd2-4af8-a38f-65f7838bc680
Timestamp: 2018-10-28 05:13:16Z]
Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.RunAsyncTask(Task`1 task) +133
CloudmersiveAdminApp.Startup.<ConfigureAuth>b__10_0(AuthorizationCodeReceivedNotification context) in C:SrcAPIsAccount3CloudmersiveAccountCloudmersiveAdminAppApp_StartStartupAuth.cs:109
Microsoft.Owin.Security.OpenIdConnect.<AuthenticateCoreAsync>d__1a.MoveNext() +5428
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
Microsoft.Owin.Security.OpenIdConnect.<AuthenticateCoreAsync>d__1a.MoveNext() +5937
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.<BaseInitializeAsync>d__0.MoveNext() +817
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +329
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +768
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__5.MoveNext() +196
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<DoFinalWork>d__2.MoveNext() +184
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) +117
System.Web.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +367
System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +195
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +128
注意它是如何抱怨协议是http而不是https的。问题是,在浏览器中,它是https!只是负载均衡器正在卸载https部分。
如何将ASP.NET配置为不引发此错误?任何想法都将不胜感激。
查看异常,您的问题可能与代码/配置中指定的回复URL有关。
确保对Azure AD的任何请求仍将重定向URL/回复URL指定为https://intx.mydomain.com/default。
通常的嫌疑人是-
a。StartupAuth.cs(根据堆栈跟踪,在第109行附近(。在指定RedirectUri 的任何位置签入该文件
b。代码中尝试获取令牌并显式指定重定向URL的任何其他位置。
如果仍然不起作用,请尝试在有关启动配置和令牌获取逻辑的问题中添加更多代码细节。