我正在尝试使用我自己的 UserStore for SSO 来让 IdentityServer4 使用 ASP.NET Core Identity。虽然指南看起来相当简单,而且身份验证过程本身似乎也能正常工作,但在应用程序(另一个 ASP.NET Core MVC 应用程序)中,我收到以下错误:Error loading external login information
我的设置如下:
对于 ASP.NET MVC 应用程序(客户端):
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
})
.AddCookie("Cookies", options =>
{
options.ExpireTimeSpan =TimeSpan.FromMinutes(30);
})
.AddOpenIdConnect("oidc", options =>
{
options.SignInScheme = "Cookies";
options.Authority = "https://localhost:5001/";
options.ClientId = "clientId";
options.ClientSecret = "secret";
options.SaveTokens = true;
options.ResponseType = "code id_token";
options.Scope.Add(IdentityServerConstants.StandardScopes.Profile);
options.Scope.Add(IdentityServerConstants.StandardScopes.Email);
options.Scope.Add(IdentityServerConstants.StandardScopes.OfflineAccess);
options.GetClaimsFromUserInfoEndpoint = true;
});
对于 IdentityServer4 应用程序:
services.AddScoped<UserManager<User>, MyUserManager>();
services.AddIdentity<User, UserGroup>()
.AddRoleStore<MyRoleStore>()
.AddUserStore<MyUserStore>()
.AddDefaultTokenProviders();
services.Configure<IdentityOptions>(options =>
{
options.ClaimsIdentity.UserIdClaimType = JwtClaimTypes.Subject;
options.ClaimsIdentity.UserNameClaimType = JwtClaimTypes.Name;
options.ClaimsIdentity.RoleClaimType = JwtClaimTypes.Role;
});
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryApiResources(OpenIDConfig.GetApiResources())
.AddInMemoryIdentityResources(OpenIDConfig.GetIdentityResources())
.AddInMemoryClients(OpenIDConfig.GetClients())
.AddResourceOwnerValidator<ResourceOwnerPasswordValidator<User>>()
.AddProfileService<ProfileService<User>>();
主要问题是,在成功的身份验证流程之后,我什至不知道从哪里开始寻找为什么会出现问题。
最佳答案
因为它确实对我有帮助 - 但我几乎错过了评论中的 anserw 我会把它放在这里。评论由@Thomas Levesque 发表,您可能会感谢他的回答;-)
in fact the problem was that I was changing the default SignInScheme in the Google options. It has to be IdentityConstants.ExternalScheme, because that's what SignInManager.GetExternalLoginInfoAsync uses.
关于c# - IdentityServer4 with ASP.NET Core 2.1 Identity - 加载外部登录信息时出错,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50992544/