前端之家

  1. 首页
  2. 问答

例外:关联失败。 Okta在C#中的未知位置

问答

因此,我正在构建一个ASP.NET Core 2.2应用程序,并且试图在此系统中实现Okta验证。 我已经看到“异常:关联失败”这个问题已经在许多留言板上的许多线程上进行了讨论,我已经尝试过这些解决方案,但我担心它们中没有一个起作用。

我很茫然,需要换个角度来看。

因此,当我最初将其实现到代码中时,我按照Okta它自己的文档中的说明进行了操作。 到目前为止,我添加了其他解决方案中包含的内容,因此它有所增加。

Startup.cs 

public void ConfigureServices(IServiceCollection services)
{

    // Some people had issues with this one being in here,// but for me it "works" with and without
    services.Configure<CookiePolicyOptions>(options =>
    {
        // This lambda determines whether user consent for non-essential cookies is needed for a given request.
        options.CheckConsentNeeded = context => true;
        options.MinimumSameSitePolicy = SameSiteMode.None;
    });

    // here are some services.AddTransient and cors policies



    services.Configure<OpenIdConnectOptions>(options =>
    {
        options.Events.OnRemoteFailure = RemoteAuthFail;
    });



    // Basicly here is where I added the boilerplate code made by okta.
    // As I was looking into threads trying to solve the issue it grew into this
    ////////////////////////////////////
    services.AddAuthentication(options =>
    {
        options.DefaultScheme = "somename";
        options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OktaDefaults.MvcAuthenticationScheme;
    })
    .AddCookie(cookieAuthOptions =>
    {
        cookieAuthOptions.Cookie.Name = "chocolatechip";
        cookieAuthOptions.accessDeniedPath = "/error/accessdenied";
        cookieAuthOptions.ExpireTimeSpan = new TimeSpan(0,2,0);
    })
    .AddOpenIdConnect("OpenIdConnect",option =>
    {
        option.Events = new OpenIdConnectEvents
        {
            OnRedirectToIdentityProvider = redirectContext =>
            {
                if (Env.IsEnvironment("Debug"))
                {
                    //Force scheme of redirect URI(THE IMPORTANT PART)
                    redirectContext.ProtocolMessage.Redirecturi = redirectContext.ProtocolMessage.Redirecturi.Replace("https://","http://",StringComparison.OrdinalIgnoreCase);
                }
                return Task.FromResult(0);
            }
        };
        option.ClientId = "SomeclientId";
        option.ClientSecret = "SomeclientSecret";
        option.CallbackPath = "TheCallbackPath";
        option.Authority = "This is suppose to be some URI";
    })
    .AddOktaWebApi(new OktaWebApiOptions()
    {
        AuthorizationServerId = "anotherId",OktaDomain = "TheDevDomain"
    });
    ////////////////////////////////////


    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
    services.AddMvc(options => options.OutputFormatters.Add(new HtmlOutputFormatter()));
}


public void Configure(IApplicationBuilder app,IHostingEnvironment env,ILoggerFactory loggerFactory)
{
    loggerFactory.AddLog4Net("log4net.config",false);
    app.UseHttpStatusCodeExceptions();

    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }
    else
    {

        app.UseHsts();
    }

    app.UseCors(CRSpecificOrigins);
    app.UseHttpsRedirection();
    app.UseStaticfiles();
    app.UseCookiePolicy();
    app.UseAuthentication();

    app.UseMvc();
}
superhsq 回答:例外:关联失败。 Okta在C#中的未知位置

我很快遇到了同样的问题。我使用下面的代码解决了这个问题。也许有帮助。

在AddOpenIdConnect(“ oidc或xxx”)的代码块中。

如果您使用.net core> 2。* 

options.NonceCookie.SameSite = (SameSiteMode) (-1);
options.CorrelationCookie.SameSite = (SameSiteMode) (-1);

如果您使用.net> 3。* 

options.NonceCookie.SameSite = SameSiteMode.Unspecified;
options.CorrelationCookie.SameSite = SameSiteMode.Unspecified;
c#oktaokta-api
本文链接:https://www.f2er.com/3012527.html

大家都在问