2

我按照微软的 Blazor WebAssembly 独立应用程序教程进行操作。我正在使用 Identity Server 4 以及为登录等而安装的 UI,并且能够查看众所周知的页面。我假设我已经准备好从 blazor 应用程序进行标准登录的一切准备就绪,但我从未进入 Identity Server 的登录页面。相反,当我点击登录链接时,Blazor 应用程序会返回此错误消息:

尝试登录时出错:“无效响应内容类型:文本/html,来自 URL:https:login.microsoftonline.com/.well-known/openid-configuration”

我不确定为什么会发生这种情况,而且我不知道为什么 url 指向 microsoftonline.com。我觉得我在这里错过了一个明显的步骤。我错过了什么?

Blazor 启动设置:

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:59723",
      "sslPort": 44398
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "ClientBlazor": {
      "commandName": "Project",
      "launchBrowser": true,
      "inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
      "applicationUrl": "https://localhost:5003",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    }
  }
}

Blazor 应用设置:

{
  "Local": {
    "Authority": "https://localhost:5001",
    "ClientId": "BlazorClient",
    "DefaultScopes": [
      "openid",
      "profile"
    ],
    "PostLogoutRedirectUri": "/",
    "ResponseType":  "code"
  }
}

Blazor 主要方法:

public static async Task Main(string[] args)
        {
            var builder = WebAssemblyHostBuilder.CreateDefault(args);
            builder.RootComponents.Add<App>("app");

            builder.Services.AddTransient(sp => new HttpClient { BaseAddress = new Uri(builder.HostEnvironment.BaseAddress) });

            builder.Services.AddOidcAuthentication(options =>
            {
                // Configure your authentication provider options here.
                // For more information, see https://aka.ms/blazor-standalone-auth
                builder.Configuration.Bind("Local", options.ProviderOptions);
            });

            await builder.Build().RunAsync();
        }

身份服务器启动设置:

{
  "profiles": {
    "SelfHost": {
      "commandName": "Project",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
      "applicationUrl": "https://localhost:5001"
    }
  }
}

身份服务器配置:

public static IEnumerable<Client> Clients =>
            new List<Client>
            {
                // SPA client using code flow + pkce
                new Client
                {
                    ClientId = "BlazorClient",
                    ClientName = "Blazor Client",
                    ClientUri = "https://loclhost:5003/",

                    AllowedGrantTypes = GrantTypes.Code,
                    RequirePkce = true,
                    RequireClientSecret = false,

                    RedirectUris =
                    {
                        "https://localhost:5003/authentication/login-callback"
                    },

                    PostLogoutRedirectUris = { "http://localhost:5003/" },
                    AllowedCorsOrigins = { "http://localhost:5003" },

                    AllowedScopes = { "openid", "profile" },
                    Enabled = true
                }
            };
4

4 回答 4

2

解决方案相当简单,但我不确定为什么当我真的按照微软的教程进行操作时。基本上它涉及将 appsettings.json 中的“本地”名称更改为“oidc”。我不知道这是骆驼/帕斯卡案例还是什么。

appsettings.json:

{
  "oidc": {
    "Authority": "https://localhost:5001/",
    "ClientId": "SedduoBlazorClient",
    "DefaultScopes": [
      "openid",
      "profile"
    ],
    "PostLogoutRedirectUri": "/",
    "RedirectUri":  "https://localhost:5003/authentication/login-callback",
    "ResponseType": "code"
  }
}

程序.cs:

public class Program
    {
        public static async Task Main(string[] args)
        {
            var builder = WebAssemblyHostBuilder.CreateDefault(args);
            builder.RootComponents.Add<App>("app");

            builder.Services.AddTransient(sp => new HttpClient { BaseAddress = new Uri(builder.HostEnvironment.BaseAddress) });

            builder.Services.AddOidcAuthentication(options =>
            {
                //options.ProviderOptions.Authority = "https://localhost:5001/";
                // Configure your authentication provider options here.
                // For more information, see https://aka.ms/blazor-standalone-auth
                builder.Configuration.Bind("oidc", options.ProviderOptions);
            });

            await builder.Build().RunAsync();
        }
    }
于 2020-07-19T20:33:07.030 回答
0

您忘记在 OIDC 设置中提供登录重定向 URI:

{
  "Local": {
    "Authority": "https://localhost:5001",
    "ClientId": "BlazorClient",
    "DefaultScopes": [
      "openid",
      "profile"
    ],
    "PostLogoutRedirectUri": "https://localhost:5003/",
    "RedirectUri": "https://localhost:5003/authentication/login-callback",
    "ResponseType":  "code"
  }
}

PostLogoutRedirectUri应该是一个绝对 URI。

于 2020-07-13T06:29:01.027 回答
0

只是在它之前工作的地方遇到过这个问题,这是由于 cookie 造成的。我做了一些改变,不得不清除我的 cookie,一切都奏效了(它在 incongito 中工作)

于 2021-08-21T22:32:59.767 回答
0

谁在使用自签名证书在 IIS 上发布时遇到此问题,可能是由于应用程序池在读取证书时的身份验证引起的。

当您运行 .exe 并尝试登录时,登录失败并且 .exe 控制台显示“密钥集不存在”。

为了解决这个问题,打开证书管理器,右键单击证书、所有任务、私钥管理器并插入 IIS 组(IIS_IUSRS)以获得读/写权限。对于测试,请尝试“所有人”。

于 2021-09-04T23:55:07.170 回答