nz登录服务器异常显示,mvc客户端登录验证回调异常,服务端使用Identityserver4认证...
我有一个mvc客户端,使用的是混合模式认证,本地运行没有问题,但是部署到服务器以后,is4认证通过后回调,就直接跳转到/signin-oidc,提示该网页无法正常运作,如果问题仍然存在,请与网站所有者联系。HTTP ERROR 400,查看日志也没有看到错误日志输出。
以下是客户端的代码:
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(options=>{
options.DefaultScheme= "Cookies";
options.DefaultChallengeScheme= "oidc";
})
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>{
options.SignInScheme= "Cookies";
options.Authority=“http://192.168.10.100:8080”;
options.RequireHttpsMetadata= false;
options.ClientId=“mvc”;
options.ClientSecret= "secret";
options.ResponseType= "code id_token";
options.SaveTokens= true;
options.GetClaimsFromUserInfoEndpoint= true;
options.Scope.Clear();
options.Scope.Add("openid");
options.Scope.Add("profile");
});
app.UseCookiePolicy();
app.UseAuthentication();
app.UseStaticFiles();
app.UseMvc(routes=>{
routes.MapRoute(
name:"default",
template:"{controller=Home}/{action=Index}/{id?}");
});
从代码上看,我也发现不了什么问题,使用同样的方法部署了多个站点,其它的都可以,就是这个不行,服务器验证成功以后,就直接跳转到http://192.168.10.133/signin-oidc, 同时出现400错误。
客户端日志:
2019-05-11 10:51:24.283 +08:00 [WRN] Using an in-memory repository. Keys will not be persisted to storage.
2019-05-11 10:51:24.402 +08:00 [WRN] Neither user profile nor HKLM registry available. Using an ephemeral key repository. Protected data will be unavailable when application exits.
2019-05-11 10:51:24.530 +08:00 [WRN] No XML encryptor configured. Key "3c666a7d-6e97-4f97-8b52-861cb03f5347" may be persisted to storage in unencrypted form.
2019-05-11 10:51:26.492 +08:00 [INF] Cookies was not authenticated. Failure message: Unprotect ticket failed
2019-05-11 10:51:27.104 +08:00 [INF] AuthenticationScheme: oidc was challenged.
is4服务器端也没有报错的日志
2019-05-11 10:51:27.022 +08:00 [DBG] Request path /.well-known/openid-configuration matched to endpoint type Discovery
2019-05-11 10:51:27.022 +08:00 [DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryEndpoint
2019-05-11 10:51:27.022 +08:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryEndpoint for /.well-known/openid-configuration
2019-05-11 10:51:27.022 +08:00 [DBG] Start discovery request
2019-05-11 10:51:27.028 +08:00 [DBG] Found ["openid","profile","school","api1"] as all scopes in database
2019-05-11 10:51:27.078 +08:00 [DBG] Request path /.well-known/openid-configuration/jwks matched to endpoint type Discovery
2019-05-11 10:51:27.078 +08:00 [DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryKeyEndpoint
2019-05-11 10:51:27.078 +08:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryKeyEndpoint for /.well-known/openid-configuration/jwks
2019-05-11 10:51:27.078 +08:00 [DBG] Start key discovery request
2019-05-11 10:51:27.128 +08:00 [DBG] Request path /connect/authorize matched to endpoint type Authorize
2019-05-11 10:51:27.128 +08:00 [DBG] Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint
2019-05-11 10:51:27.128 +08:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize
2019-05-11 10:51:27.128 +08:00 [DBG] Start authorize request
2019-05-11 10:51:27.129 +08:00 [DBG] User in authorize request: 8cd82630f81a
2019-05-11 10:51:27.129 +08:00 [DBG] Start authorize request protocol validation
2019-05-11 10:51:27.134 +08:00 [DBG] CLIENT found in database: true
2019-05-11 10:51:27.134 +08:00 [DBG] client configuration validation for client CLIENT succeeded.
2019-05-11 10:51:27.134 +08:00 [DBG] Checking for PKCE parameters
2019-05-11 10:51:27.134 +08:00 [DBG] No PKCE used.
2019-05-11 10:51:27.136 +08:00 [DBG] Found ["openid","profile"] identity scopes in database
2019-05-11 10:51:27.141 +08:00 [DBG] Found ["api1"] API scopes in database
2019-05-11 10:51:27.142 +08:00 [DBG] Found ["openid","profile"] identity scopes in database
2019-05-11 10:51:27.146 +08:00 [DBG] Found ["api1"] API scopes in database
2019-05-11 10:51:27.146 +08:00 [DBG] Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
2019-05-11 10:51:27.146 +08:00 [INF] ValidatedAuthorizeRequest
{"ClientId":"CLIENT","ClientName":"CLIENT","RedirectUri":"http://192.168.10.133:8080/signin-oidc","AllowedRedirectUris":["http://192.168.10.133:8080/signin-oidc","http://localhost:29111/signin-oidc"],"SubjectId":"8cd82630f81a","ResponseType":"code id_token","ResponseMode":"form_post","GrantType":"hybrid","RequestedScopes":"systemapi pmapi basicapi offline_access openid profile","State":"4UgFIk6n4JAz_AJ1pwfbY0T57p00Dq2XlFiV3BJ6_oM649ZRVQZvSwVcft4wYrU8C3iBa8VWOoCrwTl3orAV45jjQIsQdG0sVdBtFhVHp8upsAE1waRfSu3eibU6M9_tm2m3DwG-EEqKE5h-k2fDOmYqP5cjab5SWRJtjjoDIGzjPwIReNk7lnAOquyMUtarJz_sUdC3qhyMoJvPaNmkGpoXLUxs0kIh8Efxu0S_ecIfD4N3X1hesEDtP6ScQ0lV7QmuS4BBNlvtKuPaZBP0EKnNf0cxyLORneSDX_4Y1SY8VF83JzI4Ayi0_N4","UiLocales":null,"Nonce":"636931398870976449.YjAzYmJjODEtNGVkMi00MTRiLWIwM2QtMTUyZjZjNGJmMDFkNzJlY2U5OTYtZGY3OS00ZmE3LWEyNzAtNjNiMjBmOWZiMmRl","AuthenticationContextReferenceClasses":null,"DisplayMode":null,"PromptMode":null,"MaxAge":null,"LoginHint":null,"SessionId":"2e8794e302771caf27710bb9916dbbcd","Raw":{"client_id":"CLIENT","redirect_uri":"http://192.168.10.133:8080/signin-oidc","response_type":"code id_token","scope":"systemapi pmapi basicapi offline_access openid profile","response_mode":"form_post","nonce":"636931398870976449.YjAzYmJjODEtNGVkMi00MTRiLWIwM2QtMTUyZjZjNGJmMDFkNzJlY2U5OTYtZGY3OS00ZmE3LWEyNzAtNjNiMjBmOWZiMmRl","state":"4UgFIk6n4JAz_AJ1pwfbY0T57p00Dq2XlFiV3BJ6_oM649ZRVQZvSwVcft4wYrU8C3iBa8VWOoCrwTl3orAV45jjQIsQdG0sVdBtFhVHp8upsAE1waRfSu3eibU6M9_tm2m3DwG-EEqKE5h-k2fDOmYqP5cjab5SWRJtjjoDIGzjPwIReNk7lnAOquyMUtarJz_sUdC3qhyMoJvPaNmkGpoXLUxs0kIh8Efxu0S_ecIfD4N3X1hesEDtP6ScQ0lV7QmuS4BBNlvtKuPaZBP0EKnNf0cxyLORneSDX_4Y1SY8VF83JzI4Ayi0_N4","x-client-SKU":"ID_NETSTANDARD2_0","x-client-ver":"5.3.0.0"},"$type":"AuthorizeRequestValidationLog"}
2019-05-11 10:51:27.146 +08:00 [DBG] Client is configured to not require consent, no consent is required
2019-05-11 10:51:27.146 +08:00 [DBG] Creating Hybrid Flow response.
2019-05-11 10:51:27.148 +08:00 [DBG] yTrOyFNaDGDdjoCALDkxbh46YqQstu0Kn5xz1xtdLzY= not found in database
2019-05-11 10:51:27.150 +08:00 [DBG] Creating Implicit Flow response.
2019-05-11 10:51:27.150 +08:00 [DBG] Getting claims for identity token for subject: 8cd82630f81a and client: CLIENT
2019-05-11 10:51:27.151 +08:00 [DBG] Claim types from profile service that were filtered: ["sub","idp","amr","auth_time"]
2019-05-11 10:51:27.153 +08:00 [INF] Authorize endpoint response
{"SubjectId":"8cd82630f81a","ClientId":"CLIENT","RedirectUri":"http://192.168.10.133:8080/signin-oidc","State":"4UgFIk6n4JAz_AJ1pwfbY0T57p00Dq2XlFiV3BJ6_oM649ZRVQZvSwVcft4wYrU8C3iBa8VWOoCrwTl3orAV45jjQIsQdG0sVdBtFhVHp8upsAE1waRfSu3eibU6M9_tm2m3DwG-EEqKE5h-k2fDOmYqP5cjab5SWRJtjjoDIGzjPwIReNk7lnAOquyMUtarJz_sUdC3qhyMoJvPaNmkGpoXLUxs0kIh8Efxu0S_ecIfD4N3X1hesEDtP6ScQ0lV7QmuS4BBNlvtKuPaZBP0EKnNf0cxyLORneSDX_4Y1SY8VF83JzI4Ayi0_N4","Scope":"openid profile systemapi pmapi basicapi offline_access","Error":null,"ErrorDescription":null,"$type":"AuthorizeResponseLog"}
nz登录服务器异常显示,mvc客户端登录验证回调异常,服务端使用Identityserver4认证...相关推荐
- odoo12有些登录用户能显示菜单,有些登录用户显示不了
问题:odoo12有些登录用户能显示菜单,有些登录用户显示不了 原因分析:可能是菜单的menuitem的id是之前其他菜单用过的id,之前的菜单有groups属性,虽然之前的菜单删掉了,但是数据库中没 ...
- 联众服务器超时中断,http连接中客户端中断了请求,服务端会中断执行吗?超时时间设置?...
由于http是基于tcp的,在tcp中,客户端中断了连接,服务端是无法感知的,只能通过发心跳包来检测,而显然我们的nginx是没有发心跳包的,所以,包括nginx,php-fpm都是不知道客户端已断开 ...
- 学习 ET(1)- 开源的游戏客户端(基于 unity3d)服务端双端框架
我: 客户端程序员,15+ 以上 C++ 编码经历, 还算扎实.Unity 编码经历 1年,C# 没有单独学过.真不想离开C++的世界,大形势驱使进入了Unity+C#世界. ET - 开源的游戏客户 ...
- 编写Java程序,使用 Socket类模拟用户加入 QQ 群时,QQ 小冰发送欢迎消息的场景(用户充当客户端,QQ 小冰充当服务端)
查看本章节 查看作业目录 需求说明: 小冰是微软公司研发的人工智能机器人,被腾讯公司加入 QQ 群后,立即受到千万网友的喜爱.现在使用 Socket类模拟用户加入 QQ 群时,QQ 小冰发送欢迎消息的 ...
- UE4 TCP通信 (UE客户端与网络调试助手服务端、python服务端通信)
目录 一.使用UE4建立TCP客户端 二.使用网络调试助手建立服务端 三.基于网络调试助手的服务端与UE客户端通信 四.基于python的TCP服务端与UE客户端通信 一.使用UE4建立TCP客户端 ...
- Android-低功耗蓝牙(BLE)-客户端(主机/中心设备)和服务端(从机/外围设备)
参考: https://developer.android.com/guide/topics/connectivity/bluetooth-le http://a1anwang.com/post-47 ...
- 光是无限远服务器怎么登陆,sv独立客户端怎么连接服务器(sv独立客户端登录密码)...
客户端(Client)或称为用户端,是指与服务器相对应,为客户提供本地服务的程序.除了一些只在本地运行的应用之外,一般安装在普通的客户机上,需要与服务端互相. 天融信sv独立客户端安装好了,打开显示不 ...
- 用友修改了变量不能连接到服务器,用友T3客户端登录提示 运行时错误91:未设置对象变量...
近日使用的用友T3财务软件的T3中碰到一个问题: T3客户端登录提示 运行时错误91:未设置对象变量或with block 变量 详细的问题情况是这样的: T3客户端登录提示 运行时错误91:未设置对 ...
- 魔兽世界怎么修改登录服务器地址,wow如何修改登录服务器地址
wow如何修改登录服务器地址 内容精选 换一换 代码迁移工具进行代码迁移时,需要调用Linux下的rpm.deb等命令才能完成扫描和迁移相关任务,这些命令和逻辑必须在后端Linux运行.插件只支持以W ...
最新文章
- plotly可视化绘制多子图(subplots)并自定义坐标轴
- Linux下ibus-sunpinyin的安装及翻页快捷键设置!
- 安装 Linux -Mplayer 播放器
- java文件格式_Java Class文件格式详解
- 【深度学习】吊打一切现有版本的YOLO!旷视重磅开源YOLOX:新一代目标检测性能速度担当!...
- mongo占用内存过大解决方案
- iOS开源项目周报0323
- linux swftools java_linux下安装swftools工具
- Java-Collection、List
- Mysql(8)_存储引擎之InnoDB
- matlab元素相同,Matlab:访问所有堆叠结构中的相同元素
- 微信开发者工具下载安装教程
- 广州大学机器学习与数据挖掘实验一:线性回归
- Android 常用图标尺寸及设计规范汇总
- 小学教育怎么选择特别容易写的论文选题?
- 如何优雅地使用Origin(小技巧)【推荐】
- docker CE on Linux示例浅析(四)swam群集配置
- vue element 日期范围选择器限制只能选今天之前的时间,或者只能选今天之后的时间
- 数学建模学习(29):matlab求解微分方程组详细讲解,代码+案例讲解,学不会找我!
- VS Code下git的ca-bundle.crt问题