Owin authentication does not emit cookie

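I have the following action in my login controller. For testing purposes, I am not using a login form in the Index action. Instead, I create a claims identity and sign in. This action is a GET, not a POST. It creates a claims identity and uses it for AuthenticationManager.SignIn. But when I check the browser cookies, I cannot find the authentication cookie. I am trying to figure out what went wrong.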

    [AllowAnonymous]
    public ActionResult Index()
    {
        var identity = new ClaimsIdentity(DefaultAuthenticationTypes.ApplicationCookie);
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, "30"));
        identity.AddClaim(new Claim(ClaimTypes.Name, "JFid"));
        identity.AddClaim(new Claim(ClaimTypes.Email, "test"));

        AuthenticationManager.SignIn(new AuthenticationProperties()
        {
            IsPersistent = true,
            ExpiresUtc = DateTime.UtcNow.AddDays(7)

        }, identity);

        return View();
    }

I have also enabled cookie authentication in OWIN.

    [assembly: OwinStartup(typeof(D.Support.WebStartup))]
    namespace D.Support
    {
        public class WebStartup
        {
            public void Configuration(IAppBuilder app)
            {
                app.UseCookieAuthentication(new Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions()
                {
                    LoginPath = new PathString("/MyLoginPath"),
                    CookieName = "MyCookieName",
                    CookieHttpOnly = true,
                });
            }
        }
    }

You should set the ClaimsIdentity AuthenticationType to be the same as the CookieOption AuthenticationType:

    app.UseCookieAuthentication(new Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions()
    {
        LoginPath = new PathString("/MyLoginPath"),
        CookieName = "MyCookieName",
        CookieHttpOnly = true,
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
    });

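In case anyone is curious about why we need to do what the accepted answer says, I am putting my findings here.

If you do not specify AuthenticationType in CookieAuthenticationOptions, the default it ends up using is CookieAuthenticationDefaults.AuthenticationType, whose value is "Cookies".

And DefaultAuthenticationTypes.ApplicationCookie in the Microsoft.AspNet.Identity package has the string value "ApplicationCookie".

And in the ApplyResponseGrantAsync() method of CookieAuthenticationHandler, which is called to attach the authentication cookie to the response header, the following code is called. If the authentication type does not match that of the claims identity, it will return null.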

    /// <summary>
    /// Find response sign-in details for a specific authentication middleware
    /// </summary>
    /// <param name="authenticationType">The authentication type to look for</param>
    /// <returns>The information instructing the middleware how it should behave</returns>
    public AuthenticationResponseGrant LookupSignIn(string authenticationType)
    {
        if (authenticationType == null)
        {
            throw new ArgumentNullException("authenticationType");
        }

        AuthenticationResponseGrant grant = _context.Authentication.AuthenticationResponseGrant;
        if (grant == null)
        {
            return null;
        }

        foreach (var claimsIdentity in grant.Principal.Identities)
        {
            if (string.Equals(authenticationType, claimsIdentity.AuthenticationType, StringComparison.Ordinal))
            {
                return new AuthenticationResponseGrant(claimsIdentity, grant.Properties ?? new AuthenticationProperties());
            }
        }

        return null;
    }
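
The mismatch described in the answers can be checked before it turns into a silently missing cookie. The following is an added example, not code from the original posts or from Katana: it models the ordinal AuthenticationType comparison with System.Security.Claims only, and the `SignInCheck`, `Unclaimed` and `Report` names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

// Added example, not Katana or application code. It models the ordinal
// AuthenticationType match that LookupSignIn performs and reports identities
// that no cookie middleware would pick up (so no cookie would be written).
static class SignInCheck
{
    // String values quoted in the answer above.
    const string OwinCookieDefault = "Cookies";           // CookieAuthenticationDefaults.AuthenticationType
    const string IdentityAppCookie = "ApplicationCookie"; // DefaultAuthenticationTypes.ApplicationCookie

    // Hypothetical helper: identities whose type matches none of the
    // AuthenticationType values the registered cookie middlewares use.
    static List<ClaimsIdentity> Unclaimed(ClaimsPrincipal principal, IEnumerable<string> middlewareTypes)
    {
        var registered = new HashSet<string>(middlewareTypes, StringComparer.Ordinal);
        return principal.Identities
            .Where(id => id.AuthenticationType == null || !registered.Contains(id.AuthenticationType))
            .ToList();
    }

    static void Report(string label, ClaimsPrincipal principal, params string[] middlewareTypes)
    {
        var dropped = Unclaimed(principal, middlewareTypes);
        Console.WriteLine("{0}: {1}", label, dropped.Count == 0
            ? "identity matched by a cookie middleware"
            : "no match, sign-in ignored for: " +
              string.Join(", ", dropped.Select(d => "'" + d.AuthenticationType + "'")));
    }

    static void Main()
    {
        // Constructed sample identity, built the same way as in the question.
        var identity = new ClaimsIdentity(IdentityAppCookie);
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, "30"));
        identity.AddClaim(new Claim(ClaimTypes.Name, "JFid"));
        var principal = new ClaimsPrincipal(identity);

        Report("options without AuthenticationType", principal, OwinCookieDefault);
        Report("options with ApplicationCookie", principal, IdentityAppCookie);
        // The comparison is ordinal, so a case difference also fails to match.
        Report("options with lower-case type", principal, "applicationcookie");
    }
}
```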