WebAuthenticator.AuthenticateAsync Facebook登录未关闭

Question

我正试着让它启动并运行，但我不知道问题出在哪里。我的创业公司：

public void ConfigureServices(IServiceCollection services)
    {
services.AddIdentity<ApplicationUser, ApplicationRole>(options => options.SignIn.RequireConfirmedAccount = true)
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultUI();
         //   .AddDefaultTokenProviders();
        services.AddControllersWithViews();

        //language
        services.Configure<RequestLocalizationOptions>(options =>
        {
            options.DefaultRequestCulture = new RequestCulture("fr");
            options.RequestCultureProviders = new List<IRequestCultureProvider>
            {
                new QueryStringRequestCultureProvider(),
                new CookieRequestCultureProvider()
            };
        });

        services.AddAuthentication(o =>
        {
            o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        })
        .AddCookie()
        .AddFacebook(facebookOptions =>
        {
            facebookOptions.AppId = "XXXXX";
            facebookOptions.AppSecret = "XXXXX";
            facebookOptions.SaveTokens = true;
        });
services.AddControllersWithViews();
        services.AddRazorPages();

        services.AddAuthorization(options =>
        {
            options.FallbackPolicy = new AuthorizationPolicyBuilder()
                .RequireAuthenticatedUser()
                .Build();
        });
    }

我的LoginController

[HttpGet]
    [AllowAnonymous]
    public async Task GetFacebook()
    {
        try
        {
            string scheme = "Facebook";

            var auth = await Request.HttpContext.AuthenticateAsync(scheme);

            if (!auth.Succeeded
                || auth?.Principal == null
                || !auth.Principal.Identities.Any(id => id.IsAuthenticated)
                || string.IsNullOrEmpty(auth.Properties.GetTokenValue("access_token")))
            {
                COMMON_FUNCTIONS.storeError(_context, "Not authenticated", MethodBase.GetCurrentMethod().ReflectedType.Name, auth.ToString());

                // Not authenticated, challenge
                await Request.HttpContext.ChallengeAsync(scheme);
            }
            else
            {
                var claims = auth.Principal.Identities.FirstOrDefault()?.Claims;

                var email = string.Empty;
                email = claims?.FirstOrDefault(c => c.Type == System.Security.Claims.ClaimTypes.Email)?.Value;

                COMMON_FUNCTIONS.storeError(_context, "authenticated - mail", MethodBase.GetCurrentMethod().ReflectedType.Name, email);

                // Get parameters to send back to the callback
                var qs = new Dictionary<string, string>
            {
                { "access_token", auth.Properties.GetTokenValue("access_token") },
                { "refresh_token", auth.Properties.GetTokenValue("refresh_token") ?? string.Empty },
                { "expires", (auth.Properties.ExpiresUtc?.ToUnixTimeSeconds() ?? -1).ToString() },
                { "email", email }
            };


                // Build the result url
                var url = "APPSCHEME" + "://#" + string.Join(
                    "&",
                    qs.Where(kvp => !string.IsNullOrEmpty(kvp.Value) && kvp.Value != "-1")
                    .Select(kvp => $"{WebUtility.UrlEncode(kvp.Key)}={WebUtility.UrlEncode(kvp.Value)}"));

                COMMON_FUNCTIONS.storeError(_context, "authenticated - url", MethodBase.GetCurrentMethod().ReflectedType.Name, url);

                // Redirect to final url
                Request.HttpContext.Response.Redirect(url);
            }
        }
        catch (Exception ex)
        {
            COMMON_FUNCTIONS.storeError(_context, "Authenticate-ex", MethodBase.GetCurrentMethod().ReflectedType.Name, ex.ToString());
        }
    }

在我的XAMARIN.FORMS：

private async void OnFacebookClicked(object sender, EventArgs e)
    {
        lblMessage.Text = "";
        try
        {
            var authResult = await  WebAuthenticator.AuthenticateAsync(new Uri(App.g_WebSite + "api/v1/Authenticate/GetFacebook"), new Uri("APPSCHEME://"));

            var accessToken = authResult?.AccessToken;
        }
        catch (Exception ex) when (ex is TaskCanceledException || ex is OperationCanceledException)
        {
            lblMessage.Text = "User cancelled!";
        }
        catch (Exception ex)
        {
            string tt = ex.ToString();
            lblMessage.Text = "Login failed!";
        }
    }

当我点击Loginbutton时，函数GetFacebook()就会被调用。在服务器日志中，我可以看到令牌是如何在重定向调用之前生成APPSCHEME://#access_token=xxxxxxxxxxxxxxxxxxxxxxxxx的。

Request.HttpContext.Response.Redirect(url);

但是facebook页面没有关闭，XAMARIN.FORMS更新中的代码到达var accessToken = authResult?.AccessToken;

更新我的安卓中的代码

[Activity(Label = "GSAQ_Mobile", Icon = "@mipmap/icon", Theme = "@style/MainTheme", MainLauncher = true, ConfigurationChanges = ConfigChanges.ScreenSize | ConfigChanges.Orientation | ConfigChanges.UiMode | ConfigChanges.ScreenLayout | ConfigChanges.SmallestScreenSize )]
public class MainActivity : global::Xamarin.Forms.Platform.Android.FormsAppCompatActivity
{
    protected override void OnCreate(Bundle savedInstanceState)
    {
        TabLayoutResource = Resource.Layout.Tabbar;
        ToolbarResource = Resource.Layout.Toolbar;

        base.OnCreate(savedInstanceState);

        Xamarin.Essentials.Platform.Init(this, savedInstanceState);
        global::Xamarin.Forms.Forms.Init(this, savedInstanceState);
        LoadApplication(new App());
    }

    public override void OnRequestPermissionsResult(int requestCode, string[] permissions, [GeneratedEnum] Android.Content.PM.Permission[] grantResults)
    {
        Xamarin.Essentials.Platform.OnRequestPermissionsResult(requestCode, permissions, grantResults);

        base.OnRequestPermissionsResult(requestCode, permissions, grantResults);
    }

    //protected override void OnResume()
    //{
    //    base.OnResume();

    //    Xamarin.Essentials.Platform.OnResume();
    //}
}

[Activity(NoHistory = true, LaunchMode = LaunchMode.SingleTop)]
[IntentFilter(new[] { Android.Content.Intent.ActionView }, Categories = new[] { Android.Content.Intent.CategoryDefault, Android.Content.Intent.CategoryBrowsable },
DataScheme = "APPSCHEME")]
public class WebAuthenticationCallbackActivity : Xamarin.Essentials.WebAuthenticatorCallbackActivity
{
}

在我的网站上，facebooklogin运行得很好。

有什么主意吗？

Answer 1

经过大量的测试，我开始工作了。我做了几处改变，但我不确定到底是哪一种改变起了作用：

https://learn.microsoft.com/en-us/aspnet/core/security/gdpr?view=aspnetcore-5.0

• On

1. 添加了ApiController LoginController类
2. 添加了cookie处理： my模拟的Android，我想这是一个铬版本的问题，所以我将托管的Android中的chrome浏览器更新为最新版本
   1. ，我将回调方案从APPSCHEME改为APPSCHEME应用

在我看来，第4点起了作用，但其他几点肯定是有兴趣的。

Answer 2

在您的iOS应用程序代理中，必须定义以下内容：

public override bool ContinueUserActivity(UIApplication application, NSUserActivity userActivity, UIApplicationRestorationHandler completionHandler)
{
    if (Xamarin.Essentials.Platform.ContinueUserActivity(application, userActivity, completionHandler))
        return true;
    return base.ContinueUserActivity(application, userActivity, completionHandler);
}

安德里奥德：

const string CALLBACK_SCHEME = "myapp";

[Activity(NoHistory = true, LaunchMode = LaunchMode.SingleTop)]
[IntentFilter(new[] { Android.Content.Intent.ActionView },
    Categories = new[] { Android.Content.Intent.CategoryDefault, Android.Content.Intent.CategoryBrowsable },
    DataScheme = CALLBACK_SCHEME)]
public class WebAuthenticationCallbackActivity : Xamarin.Essentials.WebAuthenticatorCallbackActivity
{
}

https://learn.microsoft.com/en-us/xamarin/essentials/web-authenticator?tabs=ios#get-started