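AD FS OAuth2: NotSupportedException: Specified method is not supported

Time: 2016-08-18 16:20:23

Tags: asp.net .net oauth asp.net-core asp.net-core-mvc

I am trying to configure OAuth authentication against an AD FS server by following the tutorial here: https://vcsjones.com/2015/05/04/authenticating-asp-net-5-to-ad-fs-oauth/

Here is my original exception: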

    System.NotSupportedException: Specified method is not supported.
       at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleSignInAsync(SignInContext context)
       at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.<SignInAsync>d__61.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.AspNetCore.Http.Authentication.Internal.DefaultAuthenticationManager.<SignInAsync>d__13.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.<HandleRemoteCallbackAsync>d__5.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.<HandleRequestAsync>d__4.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.<Invoke>d__6.MoveNext()

Here is my ConfigureServices() method:

    public void ConfigureServices(IServiceCollection services)
    {
        // Add framework services.
        services.AddMvc();

        services.AddAuthentication(opts => opts.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);

        services.Configure<OAuthOptions>(opt =>
        {
            opt.AutomaticAuthenticate = true;
            opt.AutomaticChallenge = true;
            opt.AuthenticationScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            opt.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            opt.ClientId = "44ADBF90-0626-4730-8EC7-2D007F59B8D3";
            opt.ClientSecret = "abc123!";
            opt.CallbackPath = new PathString("/oauth-callback");
            opt.Events = new OAuthEvents
            {
                OnRedirectToAuthorizationEndpoint = ctx =>
                {
                    var parameter = new Dictionary<string, string>
                    {
                        ["resource"] = "https://myapp.dev"
                    };
                    var query = QueryHelpers.AddQueryString(ctx.RedirectUri, parameter);
                    ctx.Response.Redirect(query);
                    return Task.FromResult(0);
                },
                OnCreatingTicket = ctx =>
                {
                    var token = new JwtSecurityToken(ctx.AccessToken);
                    var identity = new ClaimsIdentity(token.Claims, ctx.Options.AuthenticationScheme, "upn", "role");
                    ctx.Ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), ctx.Ticket.Properties, ctx.Options.AuthenticationScheme);
                    return Task.FromResult(0);
                }
            };
            opt.ClaimsIssuer = "https://myapp.dev";
            opt.AuthorizationEndpoint = "https://adfs.mycompany.com/adfs/oauth2/authorize/";
            opt.TokenEndpoint = "https://adfs.mycompany.com/adfs/oauth2/token/";
        });

        services.Configure<CookieAuthenticationOptions>(opt =>
        {
            opt.AuthenticationScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            opt.AutomaticAuthenticate = true;
            opt.AutomaticChallenge = true;
        });
    }

My Configure() method:

    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
    {
        loggerFactory.AddConsole(Configuration.GetSection("Logging"));
        loggerFactory.AddDebug();

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseBrowserLink();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
        }

        app.UseCookieAuthentication();
        app.UseOAuthAuthentication();

        app.UseStaticFiles();

        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");
        });
    }

Thanks in advance for any suggestions.

Edit
Project dependencies:

    "Microsoft.AspNetCore.Authentication.Cookies": "1.0.0",
    "Microsoft.AspNetCore.Authentication.OAuth": "1.0.0",
    "Microsoft.AspNetCore.Diagnostics": "1.0.0",
    "Microsoft.AspNetCore.Mvc": "1.0.0",
    "Microsoft.AspNetCore.Razor.Tools": {
      "version": "1.0.0-preview2-final",
      "type": "build"
    },
    "Microsoft.AspNetCore.Server.IISIntegration": "1.0.0",
    "Microsoft.AspNetCore.Server.Kestrel": "1.0.0",
    "Microsoft.AspNetCore.StaticFiles": "1.0.0",
    "Microsoft.Extensions.Configuration.EnvironmentVariables": "1.0.0",
    "Microsoft.Extensions.Configuration.Json": "1.0.0",
    "Microsoft.Extensions.Logging": "1.0.0",
    "Microsoft.Extensions.Logging.Console": "1.0.0",
    "Microsoft.Extensions.Logging.Debug": "1.0.0",
    "Microsoft.Extensions.Options.ConfigurationExtensions": "1.0.0",
    "Microsoft.VisualStudio.Web.BrowserLink.Loader": "14.0.0",
    "StyleCop.Analyzers": {
      "version": "1.0.0",
      "type": "build"
    },
    "System.IdentityModel.Tokens.Jwt": "5.0.0",

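1 answer:

Answer 0: (score: 2)

Your OAuth2 middleware registration uses an authentication scheme that is already taken by the cookie middleware:

    opt.AuthenticationScheme = CookieAuthenticationDefaults.AuthenticationScheme;

Change it to a unique value (e.g. ADFS) and it should work.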
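
The fix from the answer applied to the question's registration, plus a startup check that rejects a scheme name shared by the two middlewares; this is an added example, not code from the question or the answer. It targets the ASP.NET Core 1.0 packages listed in the question, and the class `AuthSchemeSetup` and its method names are hypothetical.

```csharp
using System;
using System.Linq;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;

// Hypothetical helper class (not part of the original post).
public static class AuthSchemeSetup
{
    // Name for the OAuth middleware's own scheme; any value not used by
    // another authentication middleware works.
    public const string AdfsScheme = "ADFS";

    // Call at the end of ConfigureServices(), after the existing
    // services.Configure<OAuthOptions>(...) call; later Configure actions
    // run last and override the earlier values.
    public static void UseDistinctSchemes(IServiceCollection services)
    {
        services.Configure<OAuthOptions>(opt =>
        {
            // Scheme the OAuth middleware itself answers to.
            opt.AuthenticationScheme = AdfsScheme;
            // Scheme that persists the resulting identity: the cookie middleware.
            opt.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        });
    }

    // Call at the top of Configure(), before app.UseCookieAuthentication():
    // fails at startup instead of on the first /oauth-callback request.
    public static void AssertDistinctSchemes(IApplicationBuilder app)
    {
        var sp = app.ApplicationServices;
        var schemes = new[]
        {
            sp.GetRequiredService<IOptions<CookieAuthenticationOptions>>().Value.AuthenticationScheme,
            sp.GetRequiredService<IOptions<OAuthOptions>>().Value.AuthenticationScheme
        };
        var duplicates = schemes.GroupBy(s => s, StringComparer.Ordinal)
                                .Where(g => g.Count() > 1)
                                .Select(g => g.Key)
                                .ToList();
        if (duplicates.Count > 0)
            throw new InvalidOperationException(
                "Authentication scheme registered more than once: " + string.Join(", ", duplicates));
    }
}
```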