我使用默认的 Visual Studio 2015 模板和 Google 身份验证开发了 ASPNET MVC 5 应用程序。在开发环境中一切正常,但在外部身份验证后的实际调用中AuthenticationManager.GetExternalLoginInfoAsync()有时返回 null。
通常它会在一天的中心时间(从 08:00 到 20:00)返回 null,但我还没有找到模式,因为有时在那个时间有效。我查看了开发人员控制台,但没有太多请求(过去 12 小时内有 22 个),并且全部成功。
我尝试了其他 StackOverflow 线程的一些解决方案,但它们不起作用。另外,我只能在晚上尝试它们,因为这是一个个人项目,然后连接成功,我无法重现该问题。
代码是标准的:
-
启动时
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context, user manager and signin manager to use a single instance per request
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
// Enables the application to remember the second login verification factor such as phone or email.
// Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
// This is similar to the RememberMe option when you log in.
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
var google = new GoogleOAuth2AuthenticationOptions()
{
ClientId = "xxxx",
ClientSecret = "xxxx",
Provider = new GoogleOAuth2AuthenticationProvider()
};
google.Scope.Add("email");
app.UseGoogleAuthentication(google);
}
-
在外部登录回调上
//
// GET: /Account/ExternalLoginCallback
[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
Log.Debug("AuthenticationManager.GetExternalLoginInfoAsync()");
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
Log.Error("AuthenticationManager.GetExternalLoginInfoAsync(): null");
return RedirectToAction("Login");
}
...
更多信息
我已经与另一个用户创建了新的 Google 凭据,当我更改 clientId 和 clientSecret 时,它会再次工作......我什至不知道什么时候......
还有更多信息
问题不在于凭据,我“只”需要重新启动 ASP.NET 应用程序来解决问题,也许这个新线索可以帮助别人帮助我。
未复制
我已经发布了答案,但答案不在其中OWIN 的 GetExternalLoginInfoAsync 始终返回 null帖子中,我提到了我找到解决方案的线程:ASP.NET_SessionId + OWIN Cookie 不发送到浏览器
最后(我认为)一周后我找到了解决方案,没有登录失败。这一切都归功于这个 StackOverflow 线程。我的解决方案是以下行插入AccountController.ExternalLogin action:
Session["Workaround"] = 0;
在上面的线程(以及那里提供的链接)中,找到了混合 ASPNET MVC 和 OWIN 组件的会话和 cookie 时出现的错误的更好解释。
完整控制器服务代码:
//
// POST: /Account/ExternalLogin
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult ExternalLogin(string provider, string returnUrl)
{
// https://stackoverflow.com/questions/20737578/asp-net-sessionid-owin-cookies-do-not-send-to-browser
Session["Workaround"] = 0;
// Request a redirect to the external login provider
return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl }));
}
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
