c# - AADSTS900561：端点只接受 POST 请求。收到一个 GET 请求

问题描述

我有asp.net web 应用程序。我正在将此应用程序迁移到 azure 并实施 Azure AD 身份验证。AD 身份验证和基于 Approle 的授权按预期工作。我在退出应用程序时遇到问题。

提到的 msdn-site也尝试了这些设置，但我仍然遇到同样的问题。

需要帮助解决这个问题！！谢谢！！

我在帐户控制器中的注销方法如下

public void SignOut()
    {

        HttpContext.GetOwinContext()
        .Authentication

        .SignOut(CookieAuthenticationDefaults.AuthenticationType);

        HttpContext.GetOwinContext().Authentication.SignOut(
                 CookieAuthenticationDefaults.AuthenticationType, OpenIdConnectAuthenticationDefaults.AuthenticationType);
 
    }

Startup.cs configauth 如下

public void ConfigureAuth(IAppBuilder app)
    {


        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);


        app.UseCookieAuthentication(new CookieAuthenticationOptions());

        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = Authority,
                PostLogoutRedirectUri = redirectUri,
                RedirectUri = redirectUri,
                TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,
                    NameClaimType = "upn",
                    RoleClaimType = "roles",    // The claim in the Jwt token where App roles are provided.
                },
                Notifications = new OpenIdConnectAuthenticationNotifications()
                {
                    //
                    // If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
                    //
                    AuthorizationCodeReceived = OnAuthorizationCodeReceived,
                    AuthenticationFailed = OnAuthenticationFailed
                }

            });

        // Configure the db context, user manager and signin manager to use a single instance per request
        app.CreatePerOwinContext(ApplicationDbContext.Create);           
        

    }

带有 AD 配置详细信息的 web.config 如下

<add key="ida:ClientId" value="xxxxx-xxxx-xx-xxxx-xxxxxxx"/>
<add key="ida:Tenant" value="xxxxxx.onmicrosoft.com"/>
<add key="ida:AADInstance" value="https://login.microsoftonline.com/{0}"/>
<add key="ida:PostLogoutRedirectUri" value="https://login.microsoftonline.com/common/oauth2/v2.0/logoutsession/"/>
<add key="ida:RedirectUri" value="https://xxxxxxxx.azurewebsites.net/"/>

标签： c#asp.netweb-applicationsazure-active-directorylogout

c# - AADSTS900561：端点只接受 POST 请求。收到一个 GET 请求

问题描述

解决方案

推荐阅读