我正在使用.net core 2并通过Google和自定义oauth 2登录api添加AddAuthentication()
但这两种认证都得到了错误谷歌说:
例外:oauth状态缺失或无效。
自定义登录说:
重定向URI不匹配。
当我从启动文件中禁用(注释)自定义登录api并使用唯一的google登录API时,一切正常
services.AddAuthentication()
.AddOAuth("test", options =>
{
options.ClientId = "..Id...";
options.ClientSecret ="..Secret..";
options.CallbackPath = new PathString("/Account/ExternalLoginCallback");
options.AuthorizationEndpoint = "https://example.com/oauth/authorize";
options.TokenEndpoint = "https://example.com/oauth/token";
options.UserInformationEndpoint = "https://example.com/oauth/api/o";
options.ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
options.ClaimActions.MapJsonKey(ClaimTypes.Email, "EmailAddress", ClaimValueTypes.Email);
options.Events = new OAuthEvents
{
OnCreatingTicket = async context =>
{
var request =
new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
request.Headers.Authorization =
new AuthenticationHeaderValue("Bearer", context.AccessToken);
var response = await context.Backchannel.SendAsync(request,
HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
response.EnsureSuccessStatusCode();
var user = JObject.Parse(await response.Content.ReadAsStringAsync());
context.RunClaimActions(user);
}
};
})
.AddGoogle(googleOptions =>
{
googleOptions.ClientId = Configuration["Authentication:Google:ClientId"];
googleOptions.ClientSecret = Configuration["Authentication:Google:ClientSecret"];
});
我的代码或此问题的任何解决方案是否有任何问题?
在我的情况下问题是在CallbackPath和架构中,我检查了AuthorizationEndpoint,TokenEndpoint,UserInformationEndpoint和postman并找到了一些问题,修复了这些问题,一切正常。