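c# - Integrating authorization (e.g. Facebook) after the user has logged in to the application
Problem description
In my application, the user logs in to the application and then authorizes Facebook (by clicking a button in the secured area) to allow the application to fetch Facebook posts and so on. However, the application always redirects the user to the login screen. I believe this has something to do with the application configuring CookiePolicyOptions with CheckConsentNeeded = true, but setting it to false did not help. What am I missing?
The page shown after the user has logged in: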
<form asp-area="Identity" asp-page="/Account/ExternalLogin" asp-route-returnUrl="@Model.ReturnUrl" method="post">
    <div class="row">
        <div class="col-md-6">
            <div class="form-group">
                <button type="submit" class="btn btn-sm btn-facebook btn-icon-label" value="Facebook">
                    <span class="btn-inner--icon">
                        <i class="fab fa-facebook"></i>
                    </span>
                </button>
            </div>
        </div>
    </div>
</form>
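Identity/Account/ExternalLogin.cshtml.cs
[AllowAnonymous]
public class ExternalLoginModel : PageModel
{
    // Injected by the framework; the posted excerpt used this field without showing it.
    private readonly SignInManager<ApplicationUser> _signInManager;

    public ExternalLoginModel(SignInManager<ApplicationUser> signInManager)
    {
        _signInManager = signInManager;
    }

    public IActionResult OnPost(string provider, string returnUrl = null)
    {
        // Request a redirect to the external login provider.
        var redirectUrl = Url.Page("./ExternalLogin", pageHandler: "Callback", values: new { returnUrl });
        var authenticationProperties = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
        return new ChallengeResult(provider, authenticationProperties);
    }
}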
Startup.cs:
public class Startup
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    public void ConfigureServices(IServiceCollection services)
    {
        services.Configure<CookiePolicyOptions>(options =>
        {
            options.CheckConsentNeeded = context => true; // <= I believe that this could be one of the issues
            options.MinimumSameSitePolicy = SameSiteMode.None;
        });
        services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("SQLServerConnectionString")));
        services.AddIdentity<ApplicationUser, IdentityRole>(config =>
            {
                config.SignIn.RequireConfirmedEmail = true;
            })
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();
        services
            .AddAuthentication()
            .AddCookie()
            .AddFacebook(facebookOptions =>
            {
                facebookOptions.AppId = Configuration["FacebookAuthSettings:AppId"];
                facebookOptions.AppSecret = Configuration["FacebookAuthSettings:AppSecret"];
                facebookOptions.SaveTokens = true;
                facebookOptions.Events.OnCreatingTicket = oAuthCreatingTicketContext =>
                {
                    var authenticationTokens = oAuthCreatingTicketContext.Properties.GetTokens().ToList();
                    var authenticationToken = new AuthenticationToken()
                    {
                        Name = "TicketCreated",
                        Value = DateTime.UtcNow.ToString()
                    };
                    authenticationTokens.Add(authenticationToken);
                    oAuthCreatingTicketContext.Properties.StoreTokens(authenticationTokens);
                    return Task.CompletedTask;
                };
            });
        services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
            .AddRazorPagesOptions(options =>
            {
                options.AllowAreas = true;
                options.Conventions.AuthorizeAreaFolder("Identity", "/Account/Manage");
                options.Conventions.AuthorizeAreaPage("Identity", "/Account/Logout");
            });
        services.ConfigureApplicationCookie(options =>
        {
            options.LoginPath = $"/Identity/Account/Login";
            options.LogoutPath = $"/Identity/Account/Logout";
            options.AccessDeniedPath = $"/Identity/Account/AccessDenied";
        });
        services.AddAntiforgery(o => o.HeaderName = "XSRF-TOKEN");
        services.AddMvc().AddJsonOptions(options =>
        {
            options.SerializerSettings.ContractResolver = new Newtonsoft.Json.Serialization.DefaultContractResolver();
        });
        // Enforce HTTPS globally in the app.
        services.Configure<MvcOptions>(mvcOptions =>
        {
            mvcOptions.Filters.Add(new RequireHttpsAttribute());
        });
    }

    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseDatabaseErrorPage();
        }
        else
        {
            app.UseExceptionHandler("/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }
        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();
        app.UseAuthentication();
        app.UseMvc();
    }
}
Solution
Somehow I always manage to figure out the answer right after I post to Stack Overflow. @KirkLarkin was right, I needed to specify name="provider" on my Facebook button.
<form asp-area="Identity" asp-page="/Account/ExternalLogin" asp-route-returnUrl="@Model.ReturnUrl" method="post">
    <div class="row">
        <div class="col-md-6">
            <div class="form-group">
                <button type="submit" name="provider" value="Facebook">
                    <span class="btn-inner--icon">
                        <i class="fab fa-facebook"></i>
                    </span>
                </button>
            </div>
        </div>
    </div>
</form>
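A button without name="provider" posts no value, so the handler's provider parameter binds to null; a challenge issued with a null scheme is left to the default challenge scheme, which is consistent with the redirect to the login page described in the question. The handler below is an added example, not the poster's code or the scaffolded Identity page: it rejects a missing or unregistered provider before challenging and keeps only local return URLs. It assumes the page's ApplicationUser type; the 400 response and the fallback to "~/" are choices made for this example.

```csharp
using System;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;

[AllowAnonymous]
public class ExternalLoginModel : PageModel
{
    // ApplicationUser is the user type registered in the page's Startup.cs.
    private readonly SignInManager<ApplicationUser> _signInManager;

    public ExternalLoginModel(SignInManager<ApplicationUser> signInManager)
    {
        _signInManager = signInManager;
    }

    public async Task<IActionResult> OnPostAsync(string provider, string returnUrl = null)
    {
        // External schemes registered at startup (here: the one added by AddFacebook()).
        var schemes = await _signInManager.GetExternalAuthenticationSchemesAsync();

        // provider is null when the submit button has no name="provider" attribute.
        var scheme = schemes.FirstOrDefault(s =>
            string.Equals(s.Name, provider, StringComparison.Ordinal));
        if (scheme == null)
        {
            // Fail visibly instead of challenging with a null or unknown scheme.
            return new BadRequestObjectResult("Unknown or missing external login provider.");
        }

        // Carry only local return URLs through the OAuth round trip.
        if (!Url.IsLocalUrl(returnUrl))
        {
            returnUrl = Url.Content("~/");
        }

        var redirectUrl = Url.Page("./ExternalLogin", pageHandler: "Callback", values: new { returnUrl });
        var properties = _signInManager.ConfigureExternalAuthenticationProperties(scheme.Name, redirectUrl);
        return new ChallengeResult(scheme.Name, properties);
    }
}
```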