因此,我正在构建一个ASP.NET Core 2.2应用程序,并且试图在此系统中实现Okta验证。 我已经看到“异常:关联失败”这个问题已经在许多留言板上的许多线程上进行了讨论,我已经尝试过这些解决方案,但我担心它们中没有一个起作用。
我很茫然,需要换个角度来看。
因此,当我最初将其实现到代码中时,我按照Okta它自己的文档中的说明进行了操作。 到目前为止,我添加了其他解决方案中包含的内容,因此它有所增加。
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
// Some people had issues with this one being in here,// but for me it "works" with and without
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
// here are some services.AddTransient and cors policies
services.Configure<OpenIdConnectOptions>(options =>
{
options.Events.OnRemoteFailure = RemoteAuthFail;
});
// Basicly here is where I added the boilerplate code made by okta.
// As I was looking into threads trying to solve the issue it grew into this
////////////////////////////////////
services.AddAuthentication(options =>
{
options.DefaultScheme = "somename";
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OktaDefaults.MvcAuthenticationScheme;
})
.AddCookie(cookieAuthOptions =>
{
cookieAuthOptions.Cookie.Name = "chocolatechip";
cookieAuthOptions.accessDeniedPath = "/error/accessdenied";
cookieAuthOptions.ExpireTimeSpan = new TimeSpan(0,2,0);
})
.AddOpenIdConnect("OpenIdConnect",option =>
{
option.Events = new OpenIdConnectEvents
{
OnRedirectToIdentityProvider = redirectContext =>
{
if (Env.IsEnvironment("Debug"))
{
//Force scheme of redirect URI(THE IMPORTANT PART)
redirectContext.ProtocolMessage.Redirecturi = redirectContext.ProtocolMessage.Redirecturi.Replace("https://","http://",StringComparison.OrdinalIgnoreCase);
}
return Task.FromResult(0);
}
};
option.ClientId = "SomeclientId";
option.ClientSecret = "SomeclientSecret";
option.CallbackPath = "TheCallbackPath";
option.Authority = "This is suppose to be some URI";
})
.AddOktaWebApi(new OktaWebApiOptions()
{
AuthorizationServerId = "anotherId",OktaDomain = "TheDevDomain"
});
////////////////////////////////////
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
services.AddMvc(options => options.OutputFormatters.Add(new HtmlOutputFormatter()));
}
public void Configure(IApplicationBuilder app,IHostingEnvironment env,ILoggerFactory loggerFactory)
{
loggerFactory.AddLog4Net("log4net.config",false);
app.UseHttpStatusCodeExceptions();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseHsts();
}
app.UseCors(CRSpecificOrigins);
app.UseHttpsRedirection();
app.UseStaticfiles();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseMvc();
}