0

我正在使用 core 3.1 连接到画布 API,这是我的代码的一部分..

 services.AddAuthentication(config =>
            {
                config.DefaultAuthenticateScheme = "CanvasCookies";
                config.DefaultSignInScheme = "CanvasCookies";
                config.DefaultChallengeScheme = "CanvasLMS";
            })
                .AddCookie("CanvasCookies")
                .AddOAuth("CanvasLMS", config => 
                {
                    var canvas_domain = Configuration.GetValue<string>("Canvas:Domain");
                    var client_secret = Configuration.GetValue<string>("Canvas:Secret");
                    var client_id = Configuration.GetValue<string>("Canvas:Client_id");

                    config.ClientId = client_id;
                    config.ClientSecret = client_secret;
                    
                    config.CallbackPath = new PathString("/oauth/callback");
                    //config.Scope.Add("google.com")


                    config.AuthorizationEndpoint = $"{canvas_domain}login/oauth2/auth";
                    config.TokenEndpoint = $"{canvas_domain}login/oauth2/token";
                    config.UserInformationEndpoint = $"{canvas_domain}api/v1/users//courses";

                    config.SaveTokens = true;
         

                    config.Events = new OAuthEvents()
                    {
                        OnCreatingTicket = context =>
                        {
                            var accessToken = context.AccessToken;
                            var base64payload = accessToken.Split('.')[1];
                            var bytes = Convert.FromBase64String(base64payload);
                            var jsonPayload = Encoding.UTF8.GetString(bytes);
                            var claims = JsonConvert.DeserializeObject<Dictionary<string, string>>(jsonPayload);

                            foreach(var claim in claims)
                            {
                                context.Identity.AddClaim(new Claim(claim.Key, claim.Value));
                            }

                            return Task.CompletedTask;
                        }

这是控制器

 public class APICanvasController : Controller
    {

...
        [Authorize]
        public async Task<IActionResult> Secret()
        {
            var serverResponse = await AccessTokenRefreshWrapper(
                        () => SecuredGetRequest("https://localhost:44388/secret/index"));

            var apiResponse = await AccessTokenRefreshWrapper(
                () => SecuredGetRequest("https://localhost:44388/secret/index"));

            return View();
        }

        private async Task<HttpResponseMessage> SecuredGetRequest(string url)
        {
            var token = await HttpContext.GetTokenAsync("access_token");
            var client = _httpClientFactory.CreateClient();
            client.DefaultRequestHeaders.Add("Authorization", $"Bearer {token}");
            return await client.GetAsync(url);
        }

        public async Task<HttpResponseMessage> AccessTokenRefreshWrapper(
        Func<Task<HttpResponseMessage>> initialRequest)
        {
            var response = await initialRequest();

            if (response.StatusCode == System.Net.HttpStatusCode.Unauthorized)
            {
                await RefreshAccessToken();
                response = await initialRequest();
            }

            return response;
        }

        private async Task RefreshAccessToken()
        {
          ...
        }
    }
}

当我执行代码时,我收到此错误

例外:oauth 状态丢失或无效。位置不明

异常:处理远程登录时遇到错误。Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler.HandleRequestAsync()

知道我做错了什么吗?

谢谢

4

1 回答 1

0

CallbackPath不应该指代控制器,它指的是由 auth 中间件处理的唯一路径。完成后它将重定向回您的控制器。

“/oauth/callback” 应该将 oauth 身份验证结果作为 json 而不是页面来处理。

于 2021-01-20T06:38:55.073 回答