Systemweb适配器身份验证因多个重定向而导致“查询字符串太长”

特别是我正在使用身份验证客户端和服务器，当我在移动设备上进行身份验证之前浏览主页时，请求URL由于递归添加returnurls而变得太长。

URL看起来像这样：

http://localhost:8080/account/login?ReturnUrl=%2fsystemweb-adapters%2fauthenticate%3foriginal-url%3d%252Faccount%252Flogin%253FReturnUrl%253D%25252fsystemweb-adapters%25252fauthenticate%25253foriginal-url%25253d%2525252Faccount%2525252Flogin%2525253FReturnUrl%2525253D%252525252fsystemweb-adapters%252525252fauthenticate%252525253foriginal-url%252525253d%25252525252Faccount%25252525252Flogin%25252525253FReturnUrl%25252525253D%2525252525252fsystemweb-adapters%2525252525252fauthenticate%2525252525253foriginal-url%2525252525253d%252525252525252F%252525252526original-url%25252525253D%2525252525252F%25252525252C%25252525252Faccount%25252525252Flogin%25252525253FReturnUrl%25252525253D%2525252525252f%25252526original-url%2525253D%252525252Faccount%252525252Flogin%252525253FReturnUrl%252525253D%25252525252fsystemweb-adapters%25252525252fauthenticate%25252525253foriginal-url%25252525253d%2525252525252F%2525252526original-url%252525253D%25252525252F%252525252C%252525252Faccount%252525252Flogin%252525253FReturnUrl%252525253D%25252525252f%2525252C%2525252Fmobile%2525252Flogin%2526original-url%253D%25252Faccount%25252Flogin%25253FReturnUrl%25253D%2525252fsystemweb-adapters%2525252fauthenticate%2525253foriginal-url%2525253d%252525252Faccount%252525252Flogin%252525253FReturnUrl%252525253D%25252525252fsystemweb-adapters%25252525252fauthenticate%25252525253foriginal-url%25252525253d%2525252525252F%2525252526original-url%252525253D%25252525252F%252525252C%252525252Faccount%252525252Flogin%252525253FReturnUrl%252525253D%25252525252f%252526original-url%25253D%2525252Faccount%2525252Flogin%2525253FReturnUrl%2525253D%252525252fsystemweb-adapters%252525252fauthenticate%252525253foriginal-url%252525253d%25252525252F%25252526original-url%2525253D%252525252F%2525252C%2525252Faccount%2525252Flogin%2525253FReturnUrl%2525253D%252525252f%25252C%25252Fmobile%25252Flogin%252C%252Fmobile%252Flogin&original-url=%2Faccount%2Flogin%3FReturnUrl%3D%252fsystemweb-adapters%252fauthenticate%253foriginal-url%253d%25252Faccount%25252Flogin%25253FReturnUrl%25253D%2525252fsystemweb-adapters%2525252fauthenticate%2525253foriginal-url%2525253d%252525252Faccount%252525252Flogin%252525253FReturnUrl%252525253D%25252525252fsystemweb-adapters%25252525252fauthenticate%25252525253foriginal-url%25252525253d%2525252525252F%2525252526original-url%252525253D%25252525252F%252525252C%252525252Faccount%252525252Flogin%252525253FReturnUrl%252525253D%25252525252f%252526original-url%25253D%2525252Faccount%2525252Flogin%2525253FReturnUrl%2525253D%252525252fsystemweb-adapters%252525252fauthenticate%252525253foriginal-url%252525253d%25252525252F%25252526original-url%2525253D%252525252F%2525252C%2525252Faccount%2525252Flogin%2525253FReturnUrl%2525253D%252525252f%25252C%25252Fmobile%25252Flogin%26original-url%3D%252Faccount%252Flogin%253FReturnUrl%253D%25252fsystemweb-adapters%25252fauthenticate%25253foriginal-url%25253d%2525252Faccount%2525252Flogin%2525253FReturnUrl%2525253D%252525252fsystemweb-adapters%252525252fauthenticate%252525253foriginal-url%252525253d%25252525252F%25252526original-url%2525253D%252525252F%2525252C%2525252Faccount%2525252Flogin%2525253FReturnUrl%2525253D%252525252f%2526original-url%253D%25252Faccount%25252Flogin%25253FReturnUrl%25253D%2525252fsystemweb-adapters%2525252fauthenticate%2525253foriginal-url%2525253d%252525252F%252526original-url%25253D%2525252F%25252C%25252Faccount%25252Flogin%25253FReturnUrl%25253D%2525252f%252C%252Fmobile%252Flogin%2C%2Fmobile%2Flogin

这是ASP.NET核心方面的代码：

using WebCore; using Yarp.ReverseProxy.Forwarder; var builder = WebApplication.CreateBuilder(args); // Add services to the container. builder.Services.AddSystemWebAdapters() .AddJsonSessionSerializer(options => { // <snip> }) .AddRemoteAppClient( options => { options.RemoteAppUrl = new(builder.Configuration["ProxyTo"]); options.ApiKey = builder.Configuration["ProxyApiKey"]; }) .AddAuthenticationClient(isDefaultScheme: true) .AddSessionClient(); builder.Services.AddHttpForwarder(); builder.Services.AddDetection(); builder.Services.AddWebOptimizer(//<snip>); // <snip> var app = builder.Build(); var forwarderRequestConfig = builder.Configuration.GetSection("ForwarderRequestConfig") .Get<ForwarderRequestConfig>(); if (!app.Environment.IsDevelopment()) { app.UseHsts(); } app.UseCors(); app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseRouting(); app.UseAuthorization(); app.UseSystemWebAdapters(); app.MapForwarder("/{**catch-all}", app.Configuration["ProxyTo"], forwarderRequestConfig, new ForwardOriginalUrlTransformer()) .Add(static builder => ((RouteEndpointBuilder)builder).Order = int.MaxValue); app.MapDefaultControllerRoute() .RequireSystemWebAdapterSession(); app.Run();

在ASP.NET侧，我有一个看起来像这样的登录：

AccountsController

[Mobility]
public ActionResult Login(string returnUrl = "", string mode = "")
{
    SecurityService.Logout();

    if (returnUrl.Contains("/account/login"))
        return RedirectToAction("login", "account", new { mode = "login" });

    var model = new
                {
                    Mode = mode,
                    RedirectUrl = returnUrl,
                    ValidationLiterals = AccountFacade.ValidationLiterals()
                };

    return View(model.ToJson());
}

属性被编码为：

Mobility

感谢您的时间。 我默认情况下期待这项工作，但事实并非如此。我已经尝试添加中间件来剥离ASP.NET核心方面的额外返回仪，但是当我编写编码时，它变得越来越复杂。

我想知道多个重定向是否导致了验证流量问题。为此有工作吗？如果我将房屋和帐户控制器迁移到ASP.NET Core，它会对我有帮助，但是在这种情况下，如何设置登录路径？

i使用以下代码修复了此问题

public override void OnActionExecuting(ActionExecutingContext filterContext) { // Determine if we've processed their preference already via the UI site-switching links var useMobileValue = HttpContext.Current.Session["UseMobile"]; bool useMobile; // <snip> if (useMobile) { var url = "/mobile"; if (!Global.Authenticated) url += "/login"; filterContext.Result = new RedirectResult(url); } }