asp.net-core - 由于授权失败异常,带有 AzureADB2C 的 Blazor 卡在永久登录周期
问题描述
我想使用 AzureADB2C 授权我的应用程序。我使用常见的RedirectToLogin模式
<AuthorizeView>
<Authorized>
...
</Authorized>
<NotAuthorized>
@{ Console.WriteLine("Not Authorized");}
<RedirectToLogin/>
</NotAuthorized>
</AuthorizeView>
重定向到登录的地方是重定向到 AzureADB2C.UI 控制器
_navigationManager.NavigateTo("AzureADB2C/Account/SignIn", true);
之前一切正常,并且在 chrome 的隐身模式下仍然可以正常工作。但在正常模式下,它陷入了一个永久循环,它重定向到 AzureADB2C 以登录,重定向回来,因为它已经登录,但进入 NotAuthorized 部分,依此类推。
在输出中,有一行
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The required antiforgery cookie ".AspNetCore.Antiforgery.2Onc2cpxnQY" is not present.
但是如果我禁用 AntiforgeryValidation
services.AddRazorPages(o =>
{
o.Conventions.ConfigureFilter(new IgnoreAntiforgeryTokenAttribute());
});
//services.AddRazorPages();
services.AddServerSideBlazor();
仍然存在一些阻止授权的静默错误。这是调试输出
Microsoft.AspNetCore.Components.Server.Circuits.RemoteNavigationManager: Debug: Requesting navigation to URI AzureADB2C/Account/SignIn?state=hello with forceLoad=True
Microsoft.AspNetCore.Components.Server.Circuits.RemoteJSRuntime: Debug: Begin invoke JS interop '4': 'Blazor._internal.navigationManager.navigateTo'
Microsoft.AspNetCore.Components.Server.Circuits.CircuitHost: Debug: The JS interop call with callback id '4' succeeded.
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request starting HTTP/1.1 GET http://localhost:44377/AzureADB2C/Account/SignIn?state=hello
Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware: Debug: The request path /AzureADB2C/Account/SignIn does not match a supported file type
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: 2 candidate(s) found for the request path '/AzureADB2C/Account/SignIn'
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: Endpoint 'Microsoft.AspNetCore.Authentication.AzureADB2C.UI.AzureADB2C.Controllers.Internal.AccountController.SignIn (Microsoft.AspNetCore.Authentication.AzureADB2C.UI)' with route pattern 'AzureADB2C/Account/SignIn/{scheme?}' is valid for the request path '/AzureADB2C/Account/SignIn'
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: Endpoint 'Fallback {*path:nonfile}' with route pattern '{*path:nonfile}' is valid for the request path '/AzureADB2C/Account/SignIn'
Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware: Debug: Request matched endpoint 'Microsoft.AspNetCore.Authentication.AzureADB2C.UI.AzureADB2C.Controllers.Internal.AccountController.SignIn (Microsoft.AspNetCore.Authentication.AzureADB2C.UI)'
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler: Debug: AuthenticationScheme: AzureADB2CCookie was not authenticated.
Microsoft.AspNetCore.Routing.Tree.TreeRouter: Debug: Request successfully matched the route with name '(null)' and template 'AzureADB2C/Account/SignIn/{scheme?}'
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Information: Route matched with {area = "AzureADB2C", action = "SignIn", controller = "Account", page = ""}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult SignIn(System.String, System.String) on controller Microsoft.AspNetCore.Authentication.AzureADB2C.UI.AzureADB2C.Controllers.Internal.AccountController (Microsoft.AspNetCore.Authentication.AzureADB2C.UI).
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Debug: Execution plan of authorization filters (in the following order): None
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Debug: Execution plan of resource filters (in the following order): Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Debug: Execution plan of action filters (in the following order): Microsoft.AspNetCore.Mvc.Filters.ControllerActionFilter (Order: -2147483648), Microsoft.AspNetCore.Mvc.ModelBinding.UnsupportedContentTypeFilter (Order: -3000)
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Debug: Execution plan of exception filters (in the following order): None
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Debug: Execution plan of result filters (in the following order): Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Debug: Executing controller factory for controller Microsoft.AspNetCore.Authentication.AzureADB2C.UI.AzureADB2C.Controllers.Internal.AccountController (Microsoft.AspNetCore.Authentication.AzureADB2C.UI)
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Debug: Executed controller factory for controller Microsoft.AspNetCore.Authentication.AzureADB2C.UI.AzureADB2C.Controllers.Internal.AccountController (Microsoft.AspNetCore.Authentication.AzureADB2C.UI)
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Information: Executing action method Microsoft.AspNetCore.Authentication.AzureADB2C.UI.AzureADB2C.Controllers.Internal.AccountController.SignIn (Microsoft.AspNetCore.Authentication.AzureADB2C.UI) - Validation state: Valid
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Information: Executed action method Microsoft.AspNetCore.Authentication.AzureADB2C.UI.AzureADB2C.Controllers.Internal.AccountController.SignIn (Microsoft.AspNetCore.Authentication.AzureADB2C.UI), returned result Microsoft.AspNetCore.Mvc.ChallengeResult in 0.0463ms.
Microsoft.AspNetCore.Mvc.ChallengeResult: Information: Executing ChallengeResult with authentication schemes (AzureADB2C).
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler: Debug: HandleChallenge with Location: https://....b2clogin.com/.../b2c_1_susi_debug/oauth2/v2.0/authorize?...
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler: Information: AuthenticationScheme: AzureADB2COpenID was challenged.
Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker: Information: Executed action Microsoft.AspNetCore.Authentication.AzureADB2C.UI.AzureADB2C.Controllers.Internal.AccountController.SignIn (Microsoft.AspNetCore.Authentication.AzureADB2C.UI) in 37.236ms
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request finished in 61.4082ms 302
Microsoft.AspNetCore.Http.Connections.Internal.Transports.WebSocketsTransport: Debug: Waiting for the application to finish sending data.
Microsoft.AspNetCore.SignalR.HubConnectionHandler: Debug: OnConnectedAsync ending.
Microsoft.AspNetCore.Http.Connections.Internal.HttpConnectionManager: Debug: Removing connection 9RAYKqX7W11hXUt9cHz15w from the list of connections.
Microsoft.AspNetCore.Routing.EndpointMiddleware: Information: Executed endpoint '/_blazor'
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request finished in 790.7527ms 101
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request starting HTTP/1.1 POST http://localhost:44377/_blazor/disconnect multipart/form-data; boundary=----WebKitFormBoundarymF4fZsaeLr6SecM9 359
Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware: Debug: POST requests are not supported
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: 2 candidate(s) found for the request path '/_blazor/disconnect'
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: Endpoint 'Blazor disconnect' with route pattern '/_blazor/disconnect/' is valid for the request path '/_blazor/disconnect'
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: Endpoint 'Fallback {*path:nonfile}' with route pattern '{*path:nonfile}' is valid for the request path '/_blazor/disconnect'
Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware: Debug: Request matched endpoint 'Blazor disconnect'
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler: Debug: AuthenticationScheme: AzureADB2CCookie was not authenticated.
Microsoft.AspNetCore.Components.Server.Circuits.CircuitHost: Debug: Disposing circuit 'JNHhYB29Nm5n0jAtPW6p95PgrxY0b8ied423l_Dmd4M' succeded.
Microsoft.AspNetCore.Components.Server.CircuitDisconnectMiddleware: Debug: Circuit with id 'JNHhYB29Nm5n0jAtPW6p95PgrxY0b8ied423l_Dmd4M' terminated gracefully.
Microsoft.AspNetCore.Routing.EndpointMiddleware: Information: Executed endpoint 'Blazor disconnect'
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request finished in 50.466ms 200
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request starting HTTP/1.1 POST http://localhost:44377/signin-oidc application/x-www-form-urlencoded 1356
Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware: Debug: POST requests are not supported
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: 1 candidate(s) found for the request path '/signin-oidc'
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: Endpoint 'Fallback {*path:nonfile}' with route pattern '{*path:nonfile}' is valid for the request path '/signin-oidc'
Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware: Debug: Request matched endpoint '/_Host'
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler: Debug: Updating configuration
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler: Debug: Received 'id_token'
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler: Information: AuthenticationScheme: AzureADB2CCookie signed in.
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request finished in 14.9947ms 302
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request starting HTTP/1.1 GET http://localhost:44377/
Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware: Debug: The request path / does not match a supported file type
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: 2 candidate(s) found for the request path '/'
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: Endpoint 'Page: /_Host' with route pattern '' is valid for the request path '/'
Microsoft.AspNetCore.Routing.Matching.DfaMatcher: Debug: Endpoint 'Fallback {*path:nonfile}' with route pattern '{*path:nonfile}' is valid for the request path '/'
Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware: Debug: Request matched endpoint '/_Host'
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler: Debug: AuthenticationScheme: AzureADB2CCookie was not authenticated.
Microsoft.AspNetCore.Routing.Tree.TreeRouter: Debug: Request successfully matched the route with name '(null)' and template ''
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Information: Route matched with {page = "/_Host", area = "", action = "", controller = ""}. Executing page /_Host
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Debug: Execution plan of authorization filters (in the following order): Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.AutoValidateAntiforgeryTokenAuthorizationFilter
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Debug: Execution plan of resource filters (in the following order): Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Debug: Execution plan of action filters (in the following order): Microsoft.AspNetCore.Mvc.ModelBinding.UnsupportedContentTypeFilter (Order: -3000)
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Debug: Execution plan of exception filters (in the following order): None
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Debug: Execution plan of result filters (in the following order): Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Debug: Executing page factory for page Some.Spa.Pages.Pages__Host (Some.Spa.Views)
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Debug: Executed page factory for page Some.Spa.Pages.Pages__Host (Some.Spa.Views)
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Information: Executing an implicit handler method - ModelState is Valid
Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker: Information: Executed an implicit handler method, returned result Microsoft.AspNetCore.Mvc.RazorPages.PageResult.
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService: Information: Authorization failed.
那可能是什么?
另一个相关问题 - 如果生产中发生此类错误,如何防止无限登录循环?
解决方案
推荐阅读
- laravel - Laravel:“$ php artisan route:list”不显示 App\Http\Controllers\API 中的路由列表
- c++ - C++内存泄漏动态分配的二维数组和链表
- html - 如何响应网站阻止的功能?
- http - Flutter http 客户端给出 FormatException: Unexpected character (at character 1)
- reactjs - antd V4中Form.List下如何设置多个FormItem
- python - Docker 文件路径格式 - 如何从 docker 中的路径访问文件?
- python - 如何从 Windows 路径读取 CSV 文件?
- c++ - 我的 C++ 素数标识符和素因子查找器有一个错误
- swift - 改变初始变量的 C 风格 for 循环的快速方法?
- swift - 自定义单元格中的 UIImageView 无法正常工作