调用 HttpContext.AuthenticateAsync 时身份不存在,该如何解决?
我正在编写自己的IAM,但是远程身份验证存在一些问题。
请求经过我的远程处理程序后,该处理程序最后执行 return HandleRequestResult.Success(ticket);,然后把我送回我的 ExternalController。
但是当我接着调用:
// Ask the handler registered for the external scheme to authenticate the current request.
// NOTE(review): presumably this reads the cookie written at sign-in under options.SignInScheme;
// Succeeded stays false if that cookie was never issued or is not sent with this request - confirm.
var result = await HttpContext.AuthenticateAsync(IdentityConstants.ExternalScheme);
result.Succeeded 却始终不为 true,身份信息也不存在。
我不确定自己做错了什么,因为我看过其他人也可以用相同的方式来做。
在我的配置中:
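// Register the authentication services, then add the Signicat remote (OAuth) handler.
var authbuilder = services.AddAuthentication();
authbuilder.AddSignicat(options =>
{
    // The framework's remote-authentication base handler signs the resulting principal in under
    // SignInScheme; HttpContext.AuthenticateAsync(IdentityConstants.ExternalScheme) reads it back.
    // NOTE(review): no handler registration for IdentityConstants.ExternalScheme (for example via
    // AddIdentity or AddCookie) is visible in this snippet - confirm one exists.
    options.SignInScheme = IdentityConstants.ExternalScheme;

    // Placeholders: supply the real values from configuration or a secret store, not from source.
    options.ClientId = "<clientId>";
    options.ClientSecret = "<client secret>";

    options.Events.OnCreatingTicket = async context =>
    {
        // Query the user-information endpoint with the access token obtained for this sign-in.
        // The request and response are disposed once the payload has been read, so the
        // underlying connection resources are released on both the success and the error path.
        using var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);

        using var response = await context.Backchannel.SendAsync(request, context.HttpContext.RequestAborted);
        if (!response.IsSuccessStatusCode)
        {
            // Only the status code is put in the message; the response body and token are not.
            throw new HttpRequestException($"An error occurred when retrieving Signicat user information ({response.StatusCode}). Please check if the authentication information is correct.");
        }

        // Apply the configured ClaimActions to the JSON document returned by the endpoint.
        using var user = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
        context.RunClaimActions(user.RootElement);
    };
});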
我的选项类:
/// <summary>
/// Options for the Signicat OAuth handler: callback path, requested scopes, JSON-to-claim
/// mappings and the builder used for the "__SignicatState" cookie.
/// </summary>
public class SignicatOptions : OAuthOptions
{
    // Backing field for StateCookie; assigned in the constructor and never left null by the setter.
    private CookieBuilder _stateCookieBuilder;

    /// <summary>
    /// Sets the callback path, the requested scopes, the claim mappings and the state cookie defaults.
    /// </summary>
    public SignicatOptions()
    {
        CallbackPath = SignicatDefaults.CallbackPath;

        foreach (var scope in new[] { "openid", "profile", "signicat.national_id" })
        {
            Scope.Add(scope);
        }

        // Map keys of the user-information JSON onto claims of the created identity.
        ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
        ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
        ClaimActions.MapJsonKey(ClaimTypes.GivenName, "given_name");
        ClaimActions.MapJsonKey(ClaimTypes.Surname, "family_name");
        // NOTE(review): by its name this value is a national identifier - confirm it is only kept
        // in the issued identity for as long as it is needed and is not written to logs.
        ClaimActions.MapJsonKey("urn:lazysystems:cpr", "signicat.national_id");

        var stateCookie = new SignicatCookieBuilder(this);
        stateCookie.Name = StateCookieName;
        // SameAsRequest sets the Secure attribute only when the current request is HTTPS.
        // NOTE(review): consider CookieSecurePolicy.Always if the callback is always served over HTTPS.
        stateCookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
        stateCookie.HttpOnly = true;
        stateCookie.SameSite = SameSiteMode.Lax;
        _stateCookieBuilder = stateCookie;
    }

    /// <summary>Additional Signicat-specific settings.</summary>
    public SignicatSettings Settings { get; set; }

    /// <summary>Name given to the state cookie.</summary>
    public string StateCookieName { get; } = "__SignicatState";

    /// <summary>Builder that produces the state cookie's options.</summary>
    /// <exception cref="ArgumentNullException">Thrown when the assigned value is null.</exception>
    public CookieBuilder StateCookie
    {
        get
        {
            return _stateCookieBuilder;
        }
        set
        {
            if (value is null)
            {
                throw new ArgumentNullException(nameof(value));
            }

            _stateCookieBuilder = value;
        }
    }

    /// <summary>
    /// Cookie builder that gives the cookie a five-minute lifetime when no Expiration is configured.
    /// </summary>
    private class SignicatCookieBuilder : CookieBuilder
    {
        // Stored at construction; no member visible here reads it.
        private readonly SignicatOptions _options;

        public SignicatCookieBuilder(SignicatOptions options)
        {
            _options = options;
        }

        /// <summary>Builds the cookie options, applying the default expiry where none is set.</summary>
        /// <param name="context">The current HTTP context.</param>
        /// <param name="expiresFrom">The instant from which the lifetime is measured.</param>
        /// <returns>The options produced by the base builder, with Expires filled in if needed.</returns>
        public override CookieOptions Build(HttpContext context, DateTimeOffset expiresFrom)
        {
            var cookie = base.Build(context, expiresFrom);
            if (Expiration.HasValue)
            {
                // An explicit Expiration is configured: leave the base result untouched.
                return cookie;
            }

            cookie.Expires = expiresFrom.Add(TimeSpan.FromMinutes(5));
            return cookie;
        }
    }
}