我有一个 ASP.NET Web 表单和一个 Web API,位于 IIS Express 本地,当用户导航到特定网页时,会自动调用我的自定义身份服务器,从而触发
OnRedirectToIdentityProvider如果我将此应用程序发布到 IIS,则不会发生任何事情(当用户单击登录链接页面时,代码返回 http 200 而不是触发上述事件)。
这是我的代码:
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
AuthenticationType = OpenIdConnectAuthenticationDefaults.AuthenticationType, //"oidc";
ClientId = WebConfigurationManager.AppSettings["ClientId"],
BackchannelTimeout = System.TimeSpan.FromMinutes(30),
CallbackPath = new PathString("/Account/Login"),
Authority = WebConfigurationManager.AppSettings["Authority"],
PostLogoutRedirectUri = WebConfigurationManager.AppSettings["PostLogoutRedirectUri"],
RedirectUri = WebConfigurationManager.AppSettings["RedirectUri"],
Scope = "openid profile",
ResponseType = "id_token",
SaveTokens = true,
Notifications = new OpenIdConnectAuthenticationNotifications
{
AuthenticationFailed = OnAuthenticationFailed,
SecurityTokenValidated = OnSecurityTokenValidated,
RedirectToIdentityProvider = OnRedirectToIdentityProvider,
MessageReceived = OnMessageReceived,
AuthorizationCodeReceived = OnAuthorizationCodeReceived,
TokenResponseReceived = OnTokenResponseReceived,
SecurityTokenReceived = OnSecurityTokenReceived,
}
});
app.UseStageMarker(PipelineStage.Authenticate);
我自己找到了解决方案。 我的所有代码和相关库都没有任何问题。 有效的解决方案是删除位于与目标链接 aspx 文件相同的目录中的错误嵌套 Web 配置文件,从而禁用中间件重定向。