我决定尝试添加新的Google Oauth2中间件,它几乎破坏了一切。这是我的提供者配置从startup.auth.cs ..打开时,所有的提供程序,包括谷歌提供商获得一个500内部服务器在挑战。然而,内部服务器错误的细节是不可用的,我不知道如何打开任何调试或跟踪的Katana中间件。似乎像我们一样急于把谷歌的Oauth中间件送到门外。
- var googleOptions = new GoogleOAuth2AuthenticationOptions
- {
- ClientId = "228",ClientSecret = "k",CallbackPath = new PathString("/users/epsignin")
- SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie,Provider = new GoogleOAuth2AuthenticationProvider
- {
- OnAuthenticated = context =>
- {
- foreach (var x in context.User)
- {
- string claimType = string.Format("urn:google:{0}",x.Key);
- string claimValue = x.Value.ToString();
- if (!context.Identity.HasClaim(claimType,claimValue))
- context.Identity.AddClaim(new Claim(claimType,claimValue,XmlSchemaString,"Google"));
- }
- return Task.FromResult(0);
- }
- }
- };
- app.UseGoogleAuthentication(googleOptions);
ActionMethod代码:
- [AllowAnonymous]
- public ActionResult ExternalProviderSignIn(string provider,string returnUrl)
- {
- var ctx = Request.GetOwinContext();
- ctx.Authentication.Challenge(
- new AuthenticationProperties
- {
- RedirectUri = Url.Action("EPSignIn",new { provider })
- },provider);
- return new HttpUnauthorizedResult();
- }
解决方法
这花了我几个小时才弄清楚,但问题是由@CrazyCoder提到的CallbackPath。我意识到CallbackPath在public void ConfigureAuth(IAppBuilder app)中必须与在ChallengeResult中设置时不同。如果它们相同,则在OWIN中抛出500个错误。
我的代码是用于ConfigureAuth(IAppBuilder app)的
- var googleOptions = new Microsoft.Owin.Security.Google.GoogleOAuth2AuthenticationOptions
- {
- ClientId = "xxx",ClientSecret = "yyy",CallbackPath = new PathString("/callbacks/google"),//this is never called by MVC,but needs to be registered at your oAuth provider
- Provider = new GoogleOAuth2AuthenticationProvider
- {
- OnAuthenticated = (context) =>
- {
- context.Identity.AddClaim(new Claim("picture",context.User.GetValue("picture").ToString()));
- context.Identity.AddClaim(new Claim("profile",context.User.GetValue("profile").ToString()));
- return Task.FromResult(0);
- }
- }
- };
- googleOptions.Scope.Add("email");
- app.UseGoogleAuthentication(googleOptions);
我的’回调’控制器代码是:
- // GET: /callbacks/googlereturn - callback Action
- [AllowAnonymous]
- public async Task<ActionResult> googlereturn()
- {
- return View();
- }
- //POST: /Account/GooglePlus
- public ActionResult GooglePlus()
- {
- return new ChallengeResult("Google",Request.Url.GetLeftPart(UriPartial.Authority) + "/callbacks/googlereturn",null);
- //Needs to be a path to an Action that will handle the oAuth Provider callback
- }
- private class ChallengeResult : HttpUnauthorizedResult
- {
- public ChallengeResult(string provider,string redirectUri)
- : this(provider,redirectUri,null)
- {
- }
- public ChallengeResult(string provider,string redirectUri,string userId)
- {
- LoginProvider = provider;
- RedirectUri = redirectUri;
- UserId = userId;
- }
- public string LoginProvider { get; set; }
- public string RedirectUri { get; set; }
- public string UserId { get; set; }
- public override void ExecuteResult(ControllerContext context)
- {
- var properties = new AuthenticationProperties() { RedirectUri = RedirectUri };
- if (UserId != null)
- {
- properties.Dictionary[XsrfKey] = UserId;
- }
- context.HttpContext.GetOwinContext().Authentication.Challenge(properties,LoginProvider);
- }
- }
>回调/谷歌似乎由OWIN处理
回调/ googlereturn似乎由MVC处理
它现在都在工作,虽然很想知道发生在帽子下的事情
除非另有要求,否则我的建议是让OWIN使用默认的重定向路径,并确保不要自己使用它们。
