• <small id='8gGfS'></small><noframes id='8gGfS'>

  • <i id='8gGfS'><tr id='8gGfS'><dt id='8gGfS'><q id='8gGfS'><span id='8gGfS'><b id='8gGfS'><form id='8gGfS'><ins id='8gGfS'></ins><ul id='8gGfS'></ul><sub id='8gGfS'></sub></form><legend id='8gGfS'></legend><bdo id='8gGfS'><pre id='8gGfS'><center id='8gGfS'></center></pre></bdo></b><th id='8gGfS'></th></span></q></dt></tr></i><div id='8gGfS'><tfoot id='8gGfS'></tfoot><dl id='8gGfS'><fieldset id='8gGfS'></fieldset></dl></div>
  • <tfoot id='8gGfS'></tfoot>

        <legend id='8gGfS'><style id='8gGfS'><dir id='8gGfS'><q id='8gGfS'></q></dir></style></legend>
        • <bdo id='8gGfS'></bdo><ul id='8gGfS'></ul>

        在运行 HTTPS 的应用程序中以 HTTP 而非 HTTPS 形式发送的重定向 URI

        Redirect URI sent as HTTP and not HTTPS in app running HTTPS(在运行 HTTPS 的应用程序中以 HTTP 而非 HTTPS 形式发送的重定向 URI)

        <tfoot id='1gtYM'></tfoot>

            <tbody id='1gtYM'></tbody>
          <legend id='1gtYM'><style id='1gtYM'><dir id='1gtYM'><q id='1gtYM'></q></dir></style></legend>

              <small id='1gtYM'></small><noframes id='1gtYM'>

              <i id='1gtYM'><tr id='1gtYM'><dt id='1gtYM'><q id='1gtYM'><span id='1gtYM'><b id='1gtYM'><form id='1gtYM'><ins id='1gtYM'></ins><ul id='1gtYM'></ul><sub id='1gtYM'></sub></form><legend id='1gtYM'></legend><bdo id='1gtYM'><pre id='1gtYM'><center id='1gtYM'></center></pre></bdo></b><th id='1gtYM'></th></span></q></dt></tr></i><div id='1gtYM'><tfoot id='1gtYM'></tfoot><dl id='1gtYM'><fieldset id='1gtYM'></fieldset></dl></div>
                • <bdo id='1gtYM'></bdo><ul id='1gtYM'></ul>
                • 本文介绍了在运行 HTTPS 的应用程序中以 HTTP 而非 HTTPS 形式发送的重定向 URI的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  我有一个 Asp .net 核心 MVC 应用程序.它连接到 Identity Server 4 进行身份验证.托管在 docker swarm 中

                  MVC 应用托管在 https://XXXXXXX

                  配置服务

                  services.AddAuthentication(options =>{options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;}).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme).AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme,选项=>{//options.DataProtectionProvider = DataProtectionProvider.Create(new DirectoryInfo(@"C:	emp-keys"));//当根据我们收到的数据创建身份时,//使用此身份验证方案将其持久化,因此在 cookie 中options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;//身份服务器端点options.Authority = settingsSetup.IdentityServerEndpoint;//登录时使用的客户端 IDoptions.ClientId = settingsSetup.ClientId;//客户端密码.options.ClientSecret = settingsSetup.Secret;//我们 API 的范围options.Scope.Add("testapi");options.Scope.Add("devconsole");//添加 offline_access 以获取刷新令牌options.Scope.Add("offline_access");options.ResponseType = "代码 id_token";options.SaveTokens = true;options.GetClaimsFromUserInfoEndpoint = true;});

                  当我尝试运行应用程序时,我收到重定向 uri 未匹配错误.

                  无效的redirect_uri:http://developerconsole.XXXXX.io/signin-oidc{"ClientId": "BB1D2DA8-D7E4-4AF5-94FA-19EAD6B7D711.apps.XXXXX.biz","ClientName": "开发者控制台",AllowedRedirectUris":["http://localhost:55000/signin-oidc","http://localhost:55000/auth.html",http://localhost:55000/auth-silent.html"https://developerconsole.XXXXX.io/signin-oidc"],"SubjectId": "21379983",请求范围":",生的": {"client_id": "BB1D2DA8-D7E4-4AF5-94FA-19EAD6B7D711.apps.XXXXX.biz","redirect_uri": "http://developerconsole.XXXXX.io/signin-oidc","response_type": "代码 id_token","scope": "openid profile testapi devconsole offline_access","response_mode": "form_post",nonce":636625889658410682.MjNlMmQwNjgtZmY0MC00MmVkLWFiNmMtN2M2YmQ5YTM5ZTQ3NjFiYzI2ZjktZWM0Yi00NDk3LTk1ZWMtNjJkYjViMDYwMTJm",状态": CfDJ8Pwa8A3ipXlKtuyxNMpMxAz5QUFmdSunRKdlKS9sS390AKp8gIUZShQUMMCkFAhYLytitgsXUBgwlQDJaJvtHFqzHygLCPwS8Jab6IJzhpry90qS51E1y_eRlppamRDOzYDZ6fcDFzWV1U43BTP2B6pnPTSLNcZRaooyGBXtNokeUqOJ  -  U-_MOQB8Bw3n2cRyV4kisHNkslD1Gsi2wn1Cx6aTVlqzw_pxHelAXm1P8FyDJpD7G0azFgKgpQF0DRJtC5penRJQzHIHvQN8v4ECGeuSD1zlyfJYClLO2r6kY_R2OYqtBkV0r_SNc9h7xUYmnVaHKQzYqVc_mJO4iLLSMTZrBUICZWR8c4PZw0Os3N""x-client-SKU": "ID_NET",x-client-ver":2.1.4.0"}}

                  错误即将到来,因为我将 "https://developerconsole.XXXXX.io/signin-oidc" 作为重定向 uri 而不是 "http://developerconsole.XXXXX.io/signin-oidc" 我不想添加 HTTP 重定向 uri.

                  为什么我的应用构建的重定向 uri 有 http 而不是 https?

                  如果我确实添加了 HTTP,我会收到一个烦人的关联错误.我认为这是因为它被服务器作为 https 返回,因为服务器会自动将 http 转换为 https.

                  <块引用>

                  处理请求时发生未处理的异常.例外:关联失败.Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler+d__12.MoveNext()

                  堆栈查询 Cookie 标头异常:关联失败.Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler+d__12.MoveNext()System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务任务)Microsoft.AspNetCore.Authentication.AuthenticationMiddleware+d__6.MoveNext()System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务任务)Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware+d__7.MoveNext()

                  我可能不需要提及这在 localhost 上可以正常工作:/

                  解决方案

                  解决方案很简单.通过设置 UseForwardedHeaders,它现在将所有请求作为 HTTPS 发送.

                  app.UseForwardedHeaders(new ForwardedHeadersOptions{ForwardedHeaders = ForwardedHeaders.XForwardedProto});

                  <块引用>

                  关联失败.

                  现在已修复,我不再需要 http 和 https 重定向 uri.

                  I have an Asp .net core MVC app. Which connects to an Identity Server 4 for authentication. Hosted in a docker swarm

                  MVC app is hosted on https://XXXXXXX

                  ConfigurServies

                  services.AddAuthentication(options =>
                          {
                              options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                              options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
                          })
                               .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
                              .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
                              {
                                  //options.DataProtectionProvider = DataProtectionProvider.Create(new DirectoryInfo(@"C:	emp-keys"));
                                  // when the identity has been created from the data we receive,
                                  // persist it with this authentication scheme, hence in a cookie
                                  options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                                  // Identity server endpoint
                                  options.Authority = settingsSetup.IdentityServerEndpoint;
                  
                                  // Client id to login with
                                  options.ClientId = settingsSetup.ClientId;
                                  // Client secret.
                                  options.ClientSecret = settingsSetup.Secret;
                  
                                  // Scope of our API
                                  options.Scope.Add("testapi");
                                  options.Scope.Add("devconsole");
                                  // adding offline_access to get a refresh token
                                  options.Scope.Add("offline_access");
                  
                                  options.ResponseType = "code id_token";
                                  options.SaveTokens = true;
                                  options.GetClaimsFromUserInfoEndpoint = true;
                              });
                  

                  When I try to run the app I get a redirect uri miss match error.

                  Invalid redirect_uri: http://developerconsole.XXXXX.io/signin-oidc
                  {
                    "ClientId": "BB1D2DA8-D7E4-4AF5-94FA-19EAD6B7D711.apps.XXXXX.biz",
                    "ClientName": "Developer Console",
                    "AllowedRedirectUris": [
                      "http://localhost:55000/signin-oidc",
                      "http://localhost:55000/auth.html",
                      "http://localhost:55000/auth-silent.html"
                      "https://developerconsole.XXXXX.io/signin-oidc"
                    ],
                    "SubjectId": "21379983",
                    "RequestedScopes": "",
                    "Raw": {
                      "client_id": "BB1D2DA8-D7E4-4AF5-94FA-19EAD6B7D711.apps.XXXXX.biz",
                      "redirect_uri": "http://developerconsole.XXXXX.io/signin-oidc",
                      "response_type": "code id_token",
                      "scope": "openid profile testapi devconsole offline_access",
                      "response_mode": "form_post",
                      "nonce": "636625889658410682.MjNlMmQwNjgtZmY0MC00MmVkLWFiNmMtN2M2YmQ5YTM5ZTQ3NjFiYzI2ZjktZWM0Yi00NDk3LTk1ZWMtNjJkYjViMDYwMTJm",
                      "state": "CfDJ8Pwa8A3ipXlKtuyxNMpMxAz5QUFmdSunRKdlKS9sS390AKp8gIUZShQUMMCkFAhYLytitgsXUBgwlQDJaJvtHFqzHygLCPwS8Jab6IJzhpry90qS51E1y_eRlppamRDOzYDZ6fcDFzWV1U43BTP2B6pnPTSLNcZRaooyGBXtNokeUqOJ--u-_MOQB8Bw3n2cRyV4kisHNkslD1Gsi2wn1Cx6aTVlqzw_pxHelAXm1P8FyDJpD7G0azFgKgpQF0DRJtC5penRJQzHIHvQN8v4ECGeuSD1zlyfJYClLO2r6kY_R2OYqtBkV0r_SNc9h7xUYmnVaHKQzYqVc_mJO4iLLSMTZrBUICZWR8c4PZw0Os3N",
                      "x-client-SKU": "ID_NET",
                      "x-client-ver": "2.1.4.0"
                    }
                  }
                  

                  The error is coming because i have "https://developerconsole.XXXXX.io/signin-oidc" as a redirect uri and not "http://developerconsole.XXXXX.io/signin-oidc" I dont want to add HTTP redirect uris.

                  Why is my app building the redirect uri has http and not https?

                  If i do add the HTTP on i am getting an annoying Correlation error. which i think is due to the fact that its being returned by the server as https since the server automatically converts http to https.

                  An unhandled exception occurred while processing the request. Exception: Correlation failed. Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler+d__12.MoveNext()

                  Stack Query Cookies Headers Exception: Correlation failed. Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler+d__12.MoveNext() System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) Microsoft.AspNetCore.Authentication.AuthenticationMiddleware+d__6.MoveNext() System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware+d__7.MoveNext()

                  I probably dont need to mention this works fine on localhost :/

                  解决方案

                  The solution was quite simple. By setting UseForwardedHeaders it now sends all the requests as HTTPS.

                  app.UseForwardedHeaders(new ForwardedHeadersOptions
                          {
                              ForwardedHeaders = ForwardedHeaders.XForwardedProto
                          });
                  

                  Correlation failed.

                  is now fixed and i no longer need to have a http and https redirect uris.

                  这篇关于在运行 HTTPS 的应用程序中以 HTTP 而非 HTTPS 形式发送的重定向 URI的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                  本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!

                  相关文档推荐

                  Performance overhead of using attributes in .NET(在 .NET 中使用属性的性能开销)
                  Accessing attribute info from DTE(从 DTE 访问属性信息)
                  c# Hide a property in datagridview with datasource(c#使用数据源隐藏datagridview中的属性)
                  Extract Display name and description Attribute from within a HTML helper(从 HTML 帮助器中提取显示名称和描述属性)
                  C# Attributes and their uses(C# 属性及其用途)
                  C# - Getting all enums value by attribute(C# - 按属性获取所有枚举值)

                  <small id='eGUjx'></small><noframes id='eGUjx'>

                    <tbody id='eGUjx'></tbody>
                        <bdo id='eGUjx'></bdo><ul id='eGUjx'></ul>
                      • <i id='eGUjx'><tr id='eGUjx'><dt id='eGUjx'><q id='eGUjx'><span id='eGUjx'><b id='eGUjx'><form id='eGUjx'><ins id='eGUjx'></ins><ul id='eGUjx'></ul><sub id='eGUjx'></sub></form><legend id='eGUjx'></legend><bdo id='eGUjx'><pre id='eGUjx'><center id='eGUjx'></center></pre></bdo></b><th id='eGUjx'></th></span></q></dt></tr></i><div id='eGUjx'><tfoot id='eGUjx'></tfoot><dl id='eGUjx'><fieldset id='eGUjx'></fieldset></dl></div>

                          <tfoot id='eGUjx'></tfoot>
                          <legend id='eGUjx'><style id='eGUjx'><dir id='eGUjx'><q id='eGUjx'></q></dir></style></legend>