Microsoft.Identity.Web OpenIdConnect没有经过认证。失败消息:未验证
在过去的几年里,我的应用程序一直在使用Microsoft.Identity,一些变化使得用户不得不清除缓存才能进行身份验证。我已经验证了回复url,租户id,客户id和客户端秘密,他们都没有改变,并正确设置。我更新了最新的nuget包裹。在清除浏览器缓存之后,身份验证工作得很好。是什么导致了这一切?
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
options.CheckConsentNeeded = context => false;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
options.HandleSameSiteCookieCompatibility();
});
services.AddMicrosoftIdentityWebAppAuthentication(Configuration, "AzureAd");
//services.AddSignIn(Configuration);
// Token acquisition service based on MSAL.NET
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseRouting();
app.UseCors(MyAllowSpecificOrigins);
app.UseAuthentication();
app.UseSession();
app.UseMiddleware<UserClaims>();
app.UseAuthorization();Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request starting HTTP/2.0 POST https://localhost:44326/signin-oidc application/x-www-form-urlencoded 3217
Microsoft.AspNetCore.Cors.Infrastructure.CorsService: Information: CORS policy execution successful.
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler: Information: AuthenticationScheme: Cookies signed in.
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request finished in 626.0063ms 302
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request starting HTTP/2.0 GET https://localhost:44326/
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler: Information: OpenIdConnect was not authenticated. Failure message: Not authenticated
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService: Information: Authorization failed.
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler: Information: AuthenticationScheme: OpenIdConnect was challenged.
Microsoft.AspNetCore.Hosting.Diagnostics: Information: Request finished in 225.1113ms 302回答 1
Stack Overflow用户
发布于 2022-01-17 13:54:37
请确保添加身份验证中间件,以便app.UseAuthentication();放在app.UseMvc()之前;
app.UseAuthentication();
app.UseAuthorization();Note表示,AddMicrosoftIdentityWebApp正在使用自己的cookie (auth)提供程序,而不是使用现有的(可能在升级后)。
尝试使用使炊具化成空
services.AddAuthentication() .AddMicrosoftIdentityWebApp(Configuration,"AzureAd", "AzureAD", cookieScheme: null);或者尝试解释,添加这些方案,以便使方案能够处理像401这样的挑战错误的异常。
为此,您可能需要调用AddAuthentication()并配置类似于这的默认挑战方案。
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"))注意:实际上,AddAuthentication()方法将服务配置为添加浏览器场景中使用的基于cookie的authentication.This cookie,并设置对OpenID连接的挑战。
并使用一个调用minumum ()或一个对endpoints.MapControllerRoute()的调用来注册Microsoft标识路由。
或
services.Configure<CookiePolicyOptions>(options =>
{
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});请检查microsoft-身份- github中的web问题
参考资料:
https://stackoverflow.com/questions/70720602
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号