我在我的 ASP.NET 7 项目中使用这个著名的 AspNet.Security.OAuth.Providers 包来轻松实现 Slack 的 OAuth 流程。然而,事实证明这是一个挑战。
我的
Program.csvar builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllersWithViews();
builder.Services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; } )
.AddSlack(o =>
{
o.ClientId = "MY_CLIENT_ID";
o.ClientSecret = "MY_CLIENT_SECRET";
o.AuthorizationEndpoint = "https://slack.com/oauth/authorize";
o.TokenEndpoint = "https://slack.com/api/oauth.access";
}).AddCookie(options =>
{
options.LoginPath = "/signin";
options.LogoutPath = "/signout";
});
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapDefaultControllerRoute();
app.UseStaticFiles();
app.Run();
如您所见,.AddSlack() 函数是包的一部分,我在这里启用它并传递我自己的 Slack API 信息。
接下来,当用户单击“使用 Slack 登录”时,POST 请求将发送到身份验证控制器中我的
AuthorizeSlack看起来像这样:
[HttpPost]
public async Task<IActionResult> AuthorizeSlack(string provider = "Slack")
{
Console.WriteLine("Got post request from button");
// Note: the "provider" parameter corresponds to the external
// authentication provider choosen by the user agent.
if (string.IsNullOrWhiteSpace(provider))
{
return BadRequest();
}
if (!await HttpContext.IsProviderSupportedAsync(provider))
{
Console.WriteLine("provider not supported returning bad request");
return BadRequest();
}
// Instruct the middleware corresponding to the requested external identity
// provider to redirect the user agent to its own authorization endpoint.
// Note: the authenticationScheme parameter must match the value configured in Startup.cs
return Challenge(new AuthenticationProperties { RedirectUri = "/Dashboard" }, "Slack");
}
到目前为止,用户被带到 Slack OAUTH 页面并提示授权/登录。接下来,他们被重定向到我的回调 URL
/signin-slack但是,一旦单击“允许”按钮并且我被重定向回我的站点的回调 URL,我就会收到此错误
KeyNotFoundException: The given key was not present in the dictionary.
System.Text.Json.JsonElement.GetProperty(string propertyName)
AspNet.Security.OAuth.Slack.SlackAuthenticationOptions+<>c.<.ctor>b__0_0(JsonElement user)
Microsoft.AspNetCore.Authentication.OAuth.Claims.CustomJsonClaimAction.Run(JsonElement userData, ClaimsIdentity identity, string issuer)
Microsoft.AspNetCore.Authentication.OAuth.OAuthCreatingTicketContext.RunClaimActions(JsonElement userData)
Microsoft.AspNetCore.Authentication.OAuth.OAuthCreatingTicketContext.RunClaimActions()
AspNet.Security.OAuth.Slack.SlackAuthenticationHandler.CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
Microsoft.AspNetCore.Authentication.OAuth.OAuthHandler<TOptions>.HandleRemoteAuthenticateAsync()
Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler<TOptions>.HandleRequestAsync()
当我在 github 上四处询问时,显然 Slack API 在对我的回应中缺少一些字段。因此,当库尝试读取它们丢失的那些字段时,就会出现此错误。
似乎是包中的这一行产生了KeyNotFound错误:
string.Concat(user.GetProperty("team").GetString("id"), "|", user.GetProperty("user").GetString("id")));
那么这里发生了什么?为什么团队字段是空的??
这里是任何感兴趣的人的 github 问题链接:https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers/issues/768
谢谢!