ASP.Net 核心 OpenIdConnect Steam
ASP.Net Core OpenIdConnect Steam
我正在尝试将 Steam OpenId 实施到我的 ASP.Net 核心应用程序中,但我以前没有任何实施 OpenID 的经验。
不幸的是,Steam 方面严重缺乏文档,只是简单地声明 "just download an OpenID library",并为您提供一个页面来注册域名的 API 密钥。
完整 ASP.Net 有多种实现可用,但 Core 不可用,似乎存在一些差异。
我正在尝试使用 Microsoft.AspNetCore.Authentication.OpenIdConnect, though I am not entirely sure if this is the right library. It seems there is a difference between "OpenID" and "OpenID Connect"。
我在 Startup.cs 中设置了身份验证,如下所示:
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
DisplayName = "Steam",
Authority = "http://steamcommunity.com/openid",
ClientId = "MyClientId",
ClientSecret = "ApiKeyHere",
SignInScheme = "SignInCookie",
CallbackPath = new PathString("/Account/SteamCallback"),
RequireHttpsMetadata = false
});
但是当我点击登录页面时,其中包含一个 return 挑战的动作:
public IActionResult SignIn()
{
return Challenge();
}
我收到错误
JsonReaderException: Unexpected character encountered while parsing value: <. Path '', line 0, position 0.
Newtonsoft.Json.JsonTextReader.ParseValue() InvalidOperationException:
IDX10803: Unable to obtain configuration from: 'http://steamcommunity.com/openid/.well-known/openid-configuration'.
当我看这个URL时,似乎return XML数据用于OpenID的配置:
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
<XRD>
<Service priority="0">
<Type>http://specs.openid.net/auth/2.0/server</Type>
<URI>https://steamcommunity.com/openid/login</URI>
</Service>
</XRD>
</xrds:XRDS>
但是 OpenID 规范声明此信息 should be in JSON。
接下来我尝试注册自己的 OpenIdConnectMiddleware,就像 this ASP.Net 实现一样,但是,由于缺少服务,这导致无法构建OpenIdConnectMiddleware class 需要:
System.InvalidOperationException: 'A suitable constructor for type
'TestApplication.SteamOpenId.SteamAuthenticationMiddleware' could not be
located. Ensure the type is concrete and services are registered for
all parameters of a public constructor.'
我的实现:
public class SteamAuthenticationMiddleware : OpenIdConnectMiddleware
{
public SteamAuthenticationMiddleware(
RequestDelegate next,
IDataProtectionProvider dataProtectionProvider,
ILoggerFactory loggerFactory,
UrlEncoder encoder,
IServiceProvider services,
IOptions<SharedAuthenticationOptions> sharedOptions,
IOptions<OpenIdConnectOptions> options,
HtmlEncoder htmlEncoder) :
base(
next,
dataProtectionProvider,
loggerFactory,
encoder,
services,
sharedOptions,
options,
htmlEncoder)
{
}
protected override AuthenticationHandler<OpenIdConnectOptions> CreateHandler() => new SteamAuthenticationHandler();
}
我知道这个问题不是很具体,但是有人可以用这个为我指出正确的方向吗?我有点难过。
It seems there is a difference between "OpenID" and "OpenID Connect".
有:OpenID 1/2 和 OpenID Connect 是完全不同的协议。
Steam 仍在使用 OpenID 2.0,因此您不能使用 ASP.NET Core 的 OpenID Connect 中间件来使用他们的 Steam 帐户对您的用户进行身份验证,因为这两个协议不是 compatible/interoperable。
I know this question isn't very specific, but can anyone point me in the right direction with this? I am a little stumped.
您提到的 aspnet-contrib Steam 中间件源自专门为 ASP.NET Core 开发的通用 OpenID 2.0 提供程序,因此可能是您的最佳选择(也就是说,我就是编写它的人, 所以我可能不会 objective).
您可以在 NuGet.org 上找到包裹:https://www.nuget.org/packages/AspNet.Security.OpenId.Steam/。
我正在尝试将 Steam OpenId 实施到我的 ASP.Net 核心应用程序中,但我以前没有任何实施 OpenID 的经验。
不幸的是,Steam 方面严重缺乏文档,只是简单地声明 "just download an OpenID library",并为您提供一个页面来注册域名的 API 密钥。
完整 ASP.Net 有多种实现可用,但 Core 不可用,似乎存在一些差异。
我正在尝试使用 Microsoft.AspNetCore.Authentication.OpenIdConnect, though I am not entirely sure if this is the right library. It seems there is a difference between "OpenID" and "OpenID Connect"。
我在 Startup.cs 中设置了身份验证,如下所示:
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
DisplayName = "Steam",
Authority = "http://steamcommunity.com/openid",
ClientId = "MyClientId",
ClientSecret = "ApiKeyHere",
SignInScheme = "SignInCookie",
CallbackPath = new PathString("/Account/SteamCallback"),
RequireHttpsMetadata = false
});
但是当我点击登录页面时,其中包含一个 return 挑战的动作:
public IActionResult SignIn()
{
return Challenge();
}
我收到错误
JsonReaderException: Unexpected character encountered while parsing value: <. Path '', line 0, position 0.
Newtonsoft.Json.JsonTextReader.ParseValue() InvalidOperationException:
IDX10803: Unable to obtain configuration from: 'http://steamcommunity.com/openid/.well-known/openid-configuration'.
当我看这个URL时,似乎return XML数据用于OpenID的配置:
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
<XRD>
<Service priority="0">
<Type>http://specs.openid.net/auth/2.0/server</Type>
<URI>https://steamcommunity.com/openid/login</URI>
</Service>
</XRD>
</xrds:XRDS>
但是 OpenID 规范声明此信息 should be in JSON。
接下来我尝试注册自己的 OpenIdConnectMiddleware,就像 this ASP.Net 实现一样,但是,由于缺少服务,这导致无法构建OpenIdConnectMiddleware class 需要:
System.InvalidOperationException: 'A suitable constructor for type 'TestApplication.SteamOpenId.SteamAuthenticationMiddleware' could not be located. Ensure the type is concrete and services are registered for all parameters of a public constructor.'
我的实现:
public class SteamAuthenticationMiddleware : OpenIdConnectMiddleware
{
public SteamAuthenticationMiddleware(
RequestDelegate next,
IDataProtectionProvider dataProtectionProvider,
ILoggerFactory loggerFactory,
UrlEncoder encoder,
IServiceProvider services,
IOptions<SharedAuthenticationOptions> sharedOptions,
IOptions<OpenIdConnectOptions> options,
HtmlEncoder htmlEncoder) :
base(
next,
dataProtectionProvider,
loggerFactory,
encoder,
services,
sharedOptions,
options,
htmlEncoder)
{
}
protected override AuthenticationHandler<OpenIdConnectOptions> CreateHandler() => new SteamAuthenticationHandler();
}
我知道这个问题不是很具体,但是有人可以用这个为我指出正确的方向吗?我有点难过。
It seems there is a difference between "OpenID" and "OpenID Connect".
有:OpenID 1/2 和 OpenID Connect 是完全不同的协议。
Steam 仍在使用 OpenID 2.0,因此您不能使用 ASP.NET Core 的 OpenID Connect 中间件来使用他们的 Steam 帐户对您的用户进行身份验证,因为这两个协议不是 compatible/interoperable。
I know this question isn't very specific, but can anyone point me in the right direction with this? I am a little stumped.
您提到的 aspnet-contrib Steam 中间件源自专门为 ASP.NET Core 开发的通用 OpenID 2.0 提供程序,因此可能是您的最佳选择(也就是说,我就是编写它的人, 所以我可能不会 objective).
您可以在 NuGet.org 上找到包裹:https://www.nuget.org/packages/AspNet.Security.OpenId.Steam/。