时间戳

首页 > 解决方案 > 用户登录应用程序后集成授权(例如:facebook)

c# - 用户登录应用程序后集成授权(例如:facebook)

问题描述

在我的应用程序中,用户将登录到应用程序,然后授权 facebook(通过单击安全区域中的按钮)以允许应用程序获取 facebook 帖子等。但是,应用程序总是将用户重定向到登录屏幕。我相信这与使用 CheckConsentNeeded = true 配置 CookiePolicyOptions 的应用程序有关,但将其设置为 false 没有帮助。我错过了什么?

用户登录后的页面:

<form asp-area="Identity" asp-page="/Account/ExternalLogin" asp-route-returnUrl="@Model.ReturnUrl" method="post">                         
<div class="row">
<div class="col-md-6">
<div class="form-group">
<button type="submit" class="btn btn-sm btn-facebook btn-icon-label" value="Facebook">
<span class="btn-inner--icon">
<i class="fab fa-facebook"></i>
</span>
</button>
</div>
</div>

身份/帐户/ExternalLogin.cshtml.cs

[AllowAnonymous]
    public class ExternalLoginModel : PageModel
    {            
        public IActionResult OnPost(string provider, string returnUrl = null)
        {
          var redirectUrl = Url.Page("./ExternalLogin", pageHandler: "Callback", values: new { returnUrl });
          var authenticationProperties = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
          return new ChallengeResult(provider, authenticationProperties);
        }

启动.cs:

public class Startup
  {
    public void ConfigureServices(IServiceCollection services)
    {
      services.Configure<CookiePolicyOptions>(options =>
      {
        options.CheckConsentNeeded = context => true;<= I believe that this could be one of the issues
        options.MinimumSameSitePolicy = SameSiteMode.None;
      });
      services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("SQLServerConnectionString")));
      services.AddIdentity<ApplicationUser, IdentityRole>(config =>
      {
        config.SignIn.RequireConfirmedEmail = true;
      })
      .AddEntityFrameworkStores<ApplicationDbContext>()
      .AddDefaultTokenProviders();

      services
        .AddAuthentication(
        )
        .AddCookie()
      .AddFacebook(facebookOptions =>
      {
        facebookOptions.AppId = Configuration["FacebookAuthSettings:AppId"];
        facebookOptions.AppSecret = Configuration["FacebookAuthSettings:AppSecret"];
        facebookOptions.SaveTokens = true;
        facebookOptions.Events.OnCreatingTicket = oAuthCreatingTicketContext =>
        {
          var authenticationTokens = oAuthCreatingTicketContext.Properties.GetTokens().ToList();
          var authenticationToken = new AuthenticationToken()
          {
            Name = "TicketCreated",
            Value = DateTime.UtcNow.ToString()
          };
          authenticationTokens.Add(authenticationToken);
          oAuthCreatingTicketContext.Properties.StoreTokens(authenticationTokens);
          return Task.CompletedTask;
        };
      }); 

      services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2).
          AddRazorPagesOptions(options =>
      {
        options.AllowAreas = true;
        options.Conventions.AuthorizeAreaFolder("Identity", "/Account/Manage");
        options.Conventions.AuthorizeAreaPage("Identity", "/Account/Logout");
      });
      services.ConfigureApplicationCookie(options =>
      {
          options.LoginPath = $"/Identity/Account/Login";
          options.LogoutPath = $"/Identity/Account/Logout";
          options.AccessDeniedPath = $"/Identity/Account/AccessDenied";
      });

      services.AddAntiforgery(o => o.HeaderName = "XSRF-TOKEN");    
      services.AddMvc().AddJsonOptions(options =>
      {
        options.SerializerSettings.ContractResolver = new Newtonsoft.Json.Serialization.DefaultContractResolver();
      });
      //enforce HTTPS globally in the app. 
      services.Configure<MvcOptions>(mvcOptions =>
      {
        mvcOptions.Filters.Add(new RequireHttpsAttribute());
      });
    }

    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
      if (env.IsDevelopment())
      {
          app.UseDeveloperExceptionPage();
          app.UseDatabaseErrorPage();
      }
      else
      {
          app.UseExceptionHandler("/Error");
          // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
          app.UseHsts();
      }
      app.UseHttpsRedirection();
      app.UseStaticFiles();
      app.UseCookiePolicy();
      app.UseAuthentication();
      app.UseMvc();
    }
  }

标签: c#asp.net-coreasp.net-identityrazor-pages

解决方案

不知何故,我总是能够在我发布到 stackoverflow 后立即找出答案。@KirkLarkin 是对的,我需要在我的 facebook 按钮中指定 name="provider"。

<form asp-area="Identity" asp-page="/Account/ExternalLogin" asp-route-returnUrl="@Model.ReturnUrl" method="post">                         
<div class="row">
<div class="col-md-6">
<div class="form-group">
<button type="submit" name="provider" value="Facebook">
<span class="btn-inner--icon">
<i class="fab fa-facebook"></i>
</span>
</button>
</div>
</div>

推荐阅读