我有一个mvc客户端,使用的是混合模式认证,本地运行没有问题,但是部署到服务器以后,is4认证通过后回调,就直接跳转到/signin-oidc,提示该网页无法正常运作,如果问题仍然存在,请与网站所有者联系。HTTP ERROR 400,查看日志也没有看到错误日志输出。

以下是客户端的代码:

JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

services.AddAuthentication(options=>{

options.DefaultScheme= "Cookies";

options.DefaultChallengeScheme= "oidc";

})

.AddCookie("Cookies")

.AddOpenIdConnect("oidc", options =>{

options.SignInScheme= "Cookies";

options.Authority=“http://192.168.10.100:8080”;

options.RequireHttpsMetadata= false;

options.ClientId=“mvc”;

options.ClientSecret= "secret";

options.ResponseType= "code id_token";

options.SaveTokens= true;

options.GetClaimsFromUserInfoEndpoint= true;

options.Scope.Clear();

options.Scope.Add("openid");

options.Scope.Add("profile");

});

app.UseCookiePolicy();

app.UseAuthentication();

app.UseStaticFiles();

app.UseMvc(routes=>{

routes.MapRoute(

name:"default",

template:"{controller=Home}/{action=Index}/{id?}");

});

从代码上看,我也发现不了什么问题,使用同样的方法部署了多个站点,其它的都可以,就是这个不行,服务器验证成功以后,就直接跳转到http://192.168.10.133/signin-oidc, 同时出现400错误。

客户端日志:

2019-05-11 10:51:24.283 +08:00 [WRN] Using an in-memory repository. Keys will not be persisted to storage.

2019-05-11 10:51:24.402 +08:00 [WRN] Neither user profile nor HKLM registry available. Using an ephemeral key repository. Protected data will be unavailable when application exits.

2019-05-11 10:51:24.530 +08:00 [WRN] No XML encryptor configured. Key "3c666a7d-6e97-4f97-8b52-861cb03f5347" may be persisted to storage in unencrypted form.

2019-05-11 10:51:26.492 +08:00 [INF] Cookies was not authenticated. Failure message: Unprotect ticket failed

2019-05-11 10:51:27.104 +08:00 [INF] AuthenticationScheme: oidc was challenged.

is4服务器端也没有报错的日志

2019-05-11 10:51:27.022 +08:00 [DBG] Request path /.well-known/openid-configuration matched to endpoint type Discovery

2019-05-11 10:51:27.022 +08:00 [DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryEndpoint

2019-05-11 10:51:27.022 +08:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryEndpoint for /.well-known/openid-configuration

2019-05-11 10:51:27.022 +08:00 [DBG] Start discovery request

2019-05-11 10:51:27.028 +08:00 [DBG] Found ["openid","profile","school","api1"] as all scopes in database

2019-05-11 10:51:27.078 +08:00 [DBG] Request path /.well-known/openid-configuration/jwks matched to endpoint type Discovery

2019-05-11 10:51:27.078 +08:00 [DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryKeyEndpoint

2019-05-11 10:51:27.078 +08:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryKeyEndpoint for /.well-known/openid-configuration/jwks

2019-05-11 10:51:27.078 +08:00 [DBG] Start key discovery request

2019-05-11 10:51:27.128 +08:00 [DBG] Request path /connect/authorize matched to endpoint type Authorize

2019-05-11 10:51:27.128 +08:00 [DBG] Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint

2019-05-11 10:51:27.128 +08:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize

2019-05-11 10:51:27.128 +08:00 [DBG] Start authorize request

2019-05-11 10:51:27.129 +08:00 [DBG] User in authorize request: 8cd82630f81a

2019-05-11 10:51:27.129 +08:00 [DBG] Start authorize request protocol validation

2019-05-11 10:51:27.134 +08:00 [DBG] CLIENT found in database: true

2019-05-11 10:51:27.134 +08:00 [DBG] client configuration validation for client CLIENT succeeded.

2019-05-11 10:51:27.134 +08:00 [DBG] Checking for PKCE parameters

2019-05-11 10:51:27.134 +08:00 [DBG] No PKCE used.

2019-05-11 10:51:27.136 +08:00 [DBG] Found ["openid","profile"] identity scopes in database

2019-05-11 10:51:27.141 +08:00 [DBG] Found ["api1"] API scopes in database

2019-05-11 10:51:27.142 +08:00 [DBG] Found ["openid","profile"] identity scopes in database

2019-05-11 10:51:27.146 +08:00 [DBG] Found ["api1"] API scopes in database

2019-05-11 10:51:27.146 +08:00 [DBG] Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator

2019-05-11 10:51:27.146 +08:00 [INF] ValidatedAuthorizeRequest

{"ClientId":"CLIENT","ClientName":"CLIENT","RedirectUri":"http://192.168.10.133:8080/signin-oidc","AllowedRedirectUris":["http://192.168.10.133:8080/signin-oidc","http://localhost:29111/signin-oidc"],"SubjectId":"8cd82630f81a","ResponseType":"code id_token","ResponseMode":"form_post","GrantType":"hybrid","RequestedScopes":"systemapi pmapi basicapi offline_access openid profile","State":"4UgFIk6n4JAz_AJ1pwfbY0T57p00Dq2XlFiV3BJ6_oM649ZRVQZvSwVcft4wYrU8C3iBa8VWOoCrwTl3orAV45jjQIsQdG0sVdBtFhVHp8upsAE1waRfSu3eibU6M9_tm2m3DwG-EEqKE5h-k2fDOmYqP5cjab5SWRJtjjoDIGzjPwIReNk7lnAOquyMUtarJz_sUdC3qhyMoJvPaNmkGpoXLUxs0kIh8Efxu0S_ecIfD4N3X1hesEDtP6ScQ0lV7QmuS4BBNlvtKuPaZBP0EKnNf0cxyLORneSDX_4Y1SY8VF83JzI4Ayi0_N4","UiLocales":null,"Nonce":"636931398870976449.YjAzYmJjODEtNGVkMi00MTRiLWIwM2QtMTUyZjZjNGJmMDFkNzJlY2U5OTYtZGY3OS00ZmE3LWEyNzAtNjNiMjBmOWZiMmRl","AuthenticationContextReferenceClasses":null,"DisplayMode":null,"PromptMode":null,"MaxAge":null,"LoginHint":null,"SessionId":"2e8794e302771caf27710bb9916dbbcd","Raw":{"client_id":"CLIENT","redirect_uri":"http://192.168.10.133:8080/signin-oidc","response_type":"code id_token","scope":"systemapi pmapi basicapi offline_access openid profile","response_mode":"form_post","nonce":"636931398870976449.YjAzYmJjODEtNGVkMi00MTRiLWIwM2QtMTUyZjZjNGJmMDFkNzJlY2U5OTYtZGY3OS00ZmE3LWEyNzAtNjNiMjBmOWZiMmRl","state":"4UgFIk6n4JAz_AJ1pwfbY0T57p00Dq2XlFiV3BJ6_oM649ZRVQZvSwVcft4wYrU8C3iBa8VWOoCrwTl3orAV45jjQIsQdG0sVdBtFhVHp8upsAE1waRfSu3eibU6M9_tm2m3DwG-EEqKE5h-k2fDOmYqP5cjab5SWRJtjjoDIGzjPwIReNk7lnAOquyMUtarJz_sUdC3qhyMoJvPaNmkGpoXLUxs0kIh8Efxu0S_ecIfD4N3X1hesEDtP6ScQ0lV7QmuS4BBNlvtKuPaZBP0EKnNf0cxyLORneSDX_4Y1SY8VF83JzI4Ayi0_N4","x-client-SKU":"ID_NETSTANDARD2_0","x-client-ver":"5.3.0.0"},"$type":"AuthorizeRequestValidationLog"}

2019-05-11 10:51:27.146 +08:00 [DBG] Client is configured to not require consent, no consent is required

2019-05-11 10:51:27.146 +08:00 [DBG] Creating Hybrid Flow response.

2019-05-11 10:51:27.148 +08:00 [DBG] yTrOyFNaDGDdjoCALDkxbh46YqQstu0Kn5xz1xtdLzY= not found in database

2019-05-11 10:51:27.150 +08:00 [DBG] Creating Implicit Flow response.

2019-05-11 10:51:27.150 +08:00 [DBG] Getting claims for identity token for subject: 8cd82630f81a and client: CLIENT

2019-05-11 10:51:27.151 +08:00 [DBG] Claim types from profile service that were filtered: ["sub","idp","amr","auth_time"]

2019-05-11 10:51:27.153 +08:00 [INF] Authorize endpoint response

{"SubjectId":"8cd82630f81a","ClientId":"CLIENT","RedirectUri":"http://192.168.10.133:8080/signin-oidc","State":"4UgFIk6n4JAz_AJ1pwfbY0T57p00Dq2XlFiV3BJ6_oM649ZRVQZvSwVcft4wYrU8C3iBa8VWOoCrwTl3orAV45jjQIsQdG0sVdBtFhVHp8upsAE1waRfSu3eibU6M9_tm2m3DwG-EEqKE5h-k2fDOmYqP5cjab5SWRJtjjoDIGzjPwIReNk7lnAOquyMUtarJz_sUdC3qhyMoJvPaNmkGpoXLUxs0kIh8Efxu0S_ecIfD4N3X1hesEDtP6ScQ0lV7QmuS4BBNlvtKuPaZBP0EKnNf0cxyLORneSDX_4Y1SY8VF83JzI4Ayi0_N4","Scope":"openid profile systemapi pmapi basicapi offline_access","Error":null,"ErrorDescription":null,"$type":"AuthorizeResponseLog"}

nz登录服务器异常显示,mvc客户端登录验证回调异常,服务端使用Identityserver4认证...相关推荐

  1. odoo12有些登录用户能显示菜单,有些登录用户显示不了

    问题:odoo12有些登录用户能显示菜单,有些登录用户显示不了 原因分析:可能是菜单的menuitem的id是之前其他菜单用过的id,之前的菜单有groups属性,虽然之前的菜单删掉了,但是数据库中没 ...

  2. 联众服务器超时中断,http连接中客户端中断了请求,服务端会中断执行吗?超时时间设置?...

    由于http是基于tcp的,在tcp中,客户端中断了连接,服务端是无法感知的,只能通过发心跳包来检测,而显然我们的nginx是没有发心跳包的,所以,包括nginx,php-fpm都是不知道客户端已断开 ...

  3. 学习 ET(1)- 开源的游戏客户端(基于 unity3d)服务端双端框架

    我: 客户端程序员,15+ 以上 C++ 编码经历, 还算扎实.Unity 编码经历 1年,C# 没有单独学过.真不想离开C++的世界,大形势驱使进入了Unity+C#世界. ET - 开源的游戏客户 ...

  4. 编写Java程序,使用 Socket类模拟用户加入 QQ 群时,QQ 小冰发送欢迎消息的场景(用户充当客户端,QQ 小冰充当服务端)

    查看本章节 查看作业目录 需求说明: 小冰是微软公司研发的人工智能机器人,被腾讯公司加入 QQ 群后,立即受到千万网友的喜爱.现在使用 Socket类模拟用户加入 QQ 群时,QQ 小冰发送欢迎消息的 ...

  5. UE4 TCP通信 (UE客户端与网络调试助手服务端、python服务端通信)

    目录 一.使用UE4建立TCP客户端 二.使用网络调试助手建立服务端 三.基于网络调试助手的服务端与UE客户端通信 四.基于python的TCP服务端与UE客户端通信 一.使用UE4建立TCP客户端 ...

  6. Android-低功耗蓝牙(BLE)-客户端(主机/中心设备)和服务端(从机/外围设备)

    参考: https://developer.android.com/guide/topics/connectivity/bluetooth-le http://a1anwang.com/post-47 ...

  7. 光是无限远服务器怎么登陆,sv独立客户端怎么连接服务器(sv独立客户端登录密码)...

    客户端(Client)或称为用户端,是指与服务器相对应,为客户提供本地服务的程序.除了一些只在本地运行的应用之外,一般安装在普通的客户机上,需要与服务端互相. 天融信sv独立客户端安装好了,打开显示不 ...

  8. 用友修改了变量不能连接到服务器,用友T3客户端登录提示 运行时错误91:未设置对象变量...

    近日使用的用友T3财务软件的T3中碰到一个问题: T3客户端登录提示 运行时错误91:未设置对象变量或with block 变量 详细的问题情况是这样的: T3客户端登录提示 运行时错误91:未设置对 ...

  9. 魔兽世界怎么修改登录服务器地址,wow如何修改登录服务器地址

    wow如何修改登录服务器地址 内容精选 换一换 代码迁移工具进行代码迁移时,需要调用Linux下的rpm.deb等命令才能完成扫描和迁移相关任务,这些命令和逻辑必须在后端Linux运行.插件只支持以W ...

最新文章

  1. plotly可视化绘制多子图(subplots)并自定义坐标轴
  2. Linux下ibus-sunpinyin的安装及翻页快捷键设置!
  3. 安装 Linux -Mplayer 播放器
  4. java文件格式_Java Class文件格式详解
  5. 【深度学习】吊打一切现有版本的YOLO!旷视重磅开源YOLOX:新一代目标检测性能速度担当!...
  6. mongo占用内存过大解决方案
  7. iOS开源项目周报0323
  8. linux swftools java_linux下安装swftools工具
  9. Java-Collection、List
  10. Mysql(8)_存储引擎之InnoDB
  11. matlab元素相同,Matlab:访问所有堆叠结构中的相同元素
  12. 微信开发者工具下载安装教程
  13. 广州大学机器学习与数据挖掘实验一:线性回归
  14. Android 常用图标尺寸及设计规范汇总
  15. 小学教育怎么选择特别容易写的论文选题?
  16. 如何优雅地使用Origin(小技巧)【推荐】
  17. docker CE on Linux示例浅析(四)swam群集配置
  18. vue element 日期范围选择器限制只能选今天之前的时间,或者只能选今天之后的时间
  19. 数学建模学习(29):matlab求解微分方程组详细讲解,代码+案例讲解,学不会找我!
  20. VS Code下git的ca-bundle.crt问题

热门文章

  1. php easyswoole --e,EasySwoole
  2. java后台百度地图经纬度和地址之间的相互转换(通过经纬度获取地址、通过地址获取经纬度)
  3. 分层软件架构及其数据解耦
  4. 【202209-2 何以包邮?】
  5. RK3568主板如何支持HDMI IN
  6. 2020-12-11
  7. Jso格式化,以及缩成一行
  8. 计算机机房kvm系统配件,机房KVM管理系统
  9. RTL8188CUS WIFI模块的使用方式
  10. 搜狐2012年校园招聘会笔试题解析