尝试在 chrome 80 beta 版本中为同一站点 cookie 问题创建补丁工作
参考:https ://devblogs.microsoft.com/aspnet/upcoming-samesite-cookie-changes-in-asp-net-and-asp-net-core/
到目前为止完成的步骤:
- 升级到 4.1
- 将 .net 框架升级到 4.72
- 添加了参考链接中提到的 sameCookieManager
启动.cs
var options = new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = authority,
PostLogoutRedirectUri = redirectUri,
RedirectUri = redirectUri,
TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = false,
SaveSigninToken=true
},
Notifications = new OpenIdConnectAuthenticationNotifications()
{
AuthenticationFailed = OnAuthenticationFailed,
AuthorizationCodeReceived = OnAuthorizationCodeReceived,
SecurityTokenValidated = OnSecurityTokenValidated
},
CookieManager = new SameSiteCookieManager(new SystemWebCookieManager())
};
它最终在 OnAuthenticationFailed 中出现错误“IDX21323 OpenIdConnectProtocolValidationContext.Nonce 为空,OpenIdConnectProtocolValidatedIdToken.Paylocad.Nonce 不为空”
尝试了以下链接中提到的几种绕过方法,但它不起作用