c# - .Net Core Identity 2 Provider login Cancel 导致未处理的异常

Question

我已将 LinkedIn 添加为提供商。我已经实现了登录并在 LinkedIn 上注册，没有任何问题。在用户从提供商页面中取消(linkedIn 登录或取消应用程序授权)的用例中，身份中间件似乎抛出未处理的异常:

An unhandled exception occurred while processing the request.
Exception: user_cancelled_login;Description=The user cancelled LinkedIn login
Unknown location

Exception: An error was encountered while handling the remote login.

Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler.HandleRequestAsync()

System.Exception: user_cancelled_login;Description=The user cancelled LinkedIn login

Exception: An error was encountered while handling the remote login.

启动时的提供者设置定义了回调:

services.AddAuthentication().AddOAuth("LinkedIn", "LinkedIn", c =>
        {
            c.ClientId = Configuration["Authentication:LinkedIn:ClientId"];
            c.ClientSecret = Configuration["Authentication:LinkedIn:ClientSecret"];
            c.Scope.Add("r_basicprofile");
            c.Scope.Add("r_emailaddress");
            c.CallbackPath = "/signin-linkedin";
....

正如我所说，中间件似乎可以处理所有其他情况，除了用户在 LinkedIn 页面中取消的情况。来自 LinkedIn 的返回 URL 看起来是正确的:

https://localhost:44372/signin-linkedin?error=user_cancelled_login&error_description=The+user+cancelled+LinkedIn+login&state=CfDJ8MA7iQUuXmhBuZKmyWK9xeAgBBkQvnhf1akLhCIn9bsajCPUf7Wg22oeZBH9jZOIY3YrchMSWZ4dH7NQ1UngLKEuqgU-IHfBglbgJDtS-wc4Z-6DnW66uR0G1ubvNVqatFJHYv17pgqZT98suVkvKgihcJdbNEw7b1ThkuFbn9-5EcYhQ5ln6ImoTgthT8io1DOcCfc_-nBVfOa93a6CpUJTsZc9w93i70jn5dKKXSLntZe0VyRSA0r0PKc5spu5En-0R1rxiLjsjo4dy89PV3A

但永远不会进入我的 ExternalCallback Controller 方法，在该方法中处理成功登录/授权等其他情况？？

我想知道这是否适用于拥有第 3 部分提供商的其他人？

Answer 1

有一个 Github issue这更详细地解释了这里发生的事情，并提供了一些关于为什么发生的信息，甚至表明这不会被“修复”:

Handling the RemoteFailure event is the right thing to do. We should update our docs/samples to show how to handle that event and at least show a more appropriate message to the user. The error page sample could include a link to enabled the user to try logging in again.

Unfortunately it's difficult to implement this event in a very generic way that's also super useful because each remote auth provider has its own behavior for different types of failures.

解决方法(如上所述)是处理 RemoteFailure 事件:

services.AddAuthentication().AddOAuth("LinkedIn", "LinkedIn", c => {
    // ...
    c.Events.OnRemoteFailure = ctx =>
    {
        // React to the error here. See the notes below.
        return Task.CompletedTask;
    }
    // ...
});

ctx 是 RemoteFailureContext 的实例，其中包括 Exception描述出了什么问题的属性。 ctx 还包含一个 HttpContext属性，允许您执行重定向等，以响应此类异常。