无法读取策略授权处理程序中的会话数据

使用 .NET Core 1.1，我创建了一个 AuthorizationHandler：

public class HasStoreAccountAuthorizationHandler : AuthorizationHandler<HasStoreAccountRequirement>
{
private SessionHelper SessionHelper { get; }
public HasStoreAccountAuthorizationHandler(SessionHelper sessionHelper)
{
this.SessionHelper = sessionHelper;
}
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, HasStoreAccountRequirement requirement)
{
if (this.SessionHelper?.Accounts != null && this.SessionHelper.Accounts.Any()) context.Succeed(requirement);
return Task.FromResult(0);
}
}

我有一个 SessionHelper 类，它将非原始值序列化到会话中：

public class SessionHelper
{
public IEnumerable<AccountInformation> Accounts
{
get => this.Session.Get<IEnumerable<AccountInformation>>(AccountsKey);
set => this.Session.Set<IEnumerable<AccountInformation>>(AccountsKey, value);
}
public static class SessionHelperExtensionMethods
{
public static void Set<T>(this ISession session, string key, T value)
{
session.SetString(key, JsonConvert.SerializeObject(value));
}
public static T Get<T>(this ISession session, string key)
{
var value = session.GetString(key);
return value == null ? default(T) : JsonConvert.DeserializeObject<T>(value);
}
}
}

在代码中的其他任何位置访问 SessionHelper.Accounts 都可以正常工作。但是，每当调用策略 AuthorizationHandler 时，都会引发以下错误：

An exception was thrown while deserializing the token.
System.InvalidOperationException: The antiforgery token could not be decrypted.
---> System.Security.Cryptography.CryptographicException: The key {KEYNAME} was not found in the key ring.
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData) at Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken) --- End of inner exception stack trace --- at Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken) at Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext) System.Security.Cryptography.CryptographicException: The key {KEYNAME} was not found in the key ring.
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData) at Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)

网站机器密钥在web.config和IIS中设置，使用SHA1/AES，选中和取消选中"为每个应用程序生成唯一密钥"(例如，"KEY_VALUE，IsolateApps"和"KEY_VALUE"(。

我还创建了一个数据保护注册表配置单元，并将IIS 应用池配置为根据此链接加载用户配置文件。

我还在 Startup 中添加了数据保护.cs(添加/删除了各种行(：

services.AddAntiforgery();
services.AddDataProtection()
.SetApplicationName("APPNAME")
.SetDefaultKeyLifetime(TimeSpan.FromDays(365))
.PersistKeysToFileSystem(new DirectoryInfo(Configuration["DataProtection:LocalPaths:KeyLocation"]));

在某些情况下，SessionHelper.Accounts 会正确读取，并且不会引发异常。但是，一旦应用回收，最终 SessionHelper.Accounts 将为空，并引发异常。注销系统并重新登录对错误没有影响。

思潮？