我正在尝试在 ASP.NET Core 2.0 Web 应用程序上创建身份验证。
我的公司正在使用 Ping Federate,我正在尝试使用公司登录页面对我的用户进行身份验证,并使用我的签名密钥验证返回的令牌(X509SecurityKey
下面)。
ping 登录链接如下所示:
https://auth.companyname.com
我将 Startup.cs 配置为能够登录并挑战该站点。
我用一个装饰我的 HomeController[Authorize(Policy="Mvc")]
.
我能够到达登录页面,但是,每当我从登录页面返回时,我都会得到(
我尝试关闭/打开多个多重验证):
异常:关联失败。
地点未知
异常:处理远程登录时遇到错误。
Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler.HandleRequestAsync()
错误消息不是很有帮助...以前有人遇到过这样的问题吗?
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
options.Authority = PF_LOGINPATH;
options.ClientId = Configuration["ClientId"];
options.ClientSecret = Configuration["ClientSecret"];
options.Scope.Clear();
options.ResponseType = OpenIdConnectResponseType.CodeIdTokenToken;
options.SaveTokens = false;
options.GetClaimsFromUserInfoEndpoint = false;//true;
options.TokenValidationParameters = new TokenValidationParameters
{
RequireSignedTokens = false,
ValidateActor = false,
ValidateAudience = false,
ValidateIssuer = false,
ValidateIssuerSigningKey = false,
ValidateTokenReplay = false,
// Compensate server drift
ClockSkew = TimeSpan.FromHours(24),
//ValidIssuer = PF_LOGINPATH;
// Ensure key
IssuerSigningKey = CERTIFICATE,
// Ensure expiry
RequireExpirationTime = false,//true,
ValidateLifetime = false,//true,
// Save token
SaveSigninToken = false
};
});
services.AddAuthorization(options =>
{
options.AddPolicy("Mvc", policy =>
{
policy.AuthenticationSchemes.Add(OpenIdConnectDefaults.AuthenticationScheme);
policy.RequireAuthenticatedUser();
});
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseBrowserLink();
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}