Asp.net 核心 1.1.2 OpenID 连接 cookie 未在重定向时创建,添加 Set-Cookie header
Asp.net Core 1.1.2 OpenID connect cookies not being created on redirect, Set-Cookie header is added
我正在使用 ASP.NET 核心 1.1.2 和 OpenIDConnect 通过 IdentityServer 连接到单点登录服务器。
"Microsoft.AspNetCore.Authentication.OpenIdConnect": "1.1.2"
现在我遇到了一个奇怪的问题,直到昨天才发生。
在重定向到 SSO 服务器之前应该创建的初始 cookie 没有在浏览器上创建。
在浏览器上使用开发人员控制台,我可以看到 Set-Cookie
header 但未存储 cookie。
Content-Length: 0
Date: Mon, 14 Jan 2019 18:50:10 GMT
Location: http://mysso.com/connect/authorize?client_id=8111797110116117109&redirect_uri=http%3A%...ZD7cNnuWSmAoGyk2kERmR4hemQKsP2OKNbABYvybQCrdCMggrggDuY-5ZXnCTFf3oG11cR4Eh5N3Uarh99MD1nvJZrO4WsWDO73OQrEjh-zK3AceJzjfB2GH0gKKw-51SpcUWNgSTbQe517
Server: Kestrel
Set-Cookie: .AspNetCore.Correlation.oidc.I3lU6aE3BFH_4uuJ6KlgbpFl6Dij_WC-nyhlbUfvAPI=N; expires=Mon, 14 Jan 2019 18:07:24 GMT; path=/; httponly
Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8BWkCPQm5ElIof7iuryYpWDHYvyls6nYDr84XfQAIcLzg0ktLHIGOP7Tp_eqbvDOTdcQqnKIIogwMad9tWSy9v8BPnN8VUBucuz8qc9kv5Pkpe5aCg9oh6dgQD79a-w8Lc9haFm_tOEze1Wzna3XG7OzcGhw8kwyU5j3K_sK3Z7Y-u3cE_pey9DVbBzZkZStJXpoNjG_HWJHBjuqv7ADfCc91Oi83Ieuk7bBue8md1v2WqvSji3ziHkqyw9FKTV44Iw2Kg4o8Rf_3G-Q9ITNwr8=N; expires=Mon, 14 Jan 2019 18:07:24 GMT; path=/; httponly
X-Powered-By: ASP.NET
我在创建之前检查了 cookie 是否已过期,但是它们都还有 10 分钟的时间才过期。
所有主流浏览器(edge、chrome、firefox)都会出现此问题,不仅是我的电脑,其他浏览器也是如此。
配置代码
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
Authority = Configuration["SSOConfig:ServerUrl"],
AuthenticationScheme = "oidc",
SignInScheme = AuthenticationScheme.Cookies,
RequireHttpsMetadata = false,
ClientId = Configuration["SSOConfig:ClientId"],
ClientSecret = Configuration["SSOConfig:ClientSecret"],
ResponseType = "code id_token",
Scope = { "openid", "offline_access" },
SaveTokens = false,
我尝试手动添加 cookie,它正在运行。
HttpContextAccessor.HttpContext.Response.Cookies.Append("Test", "test");
好像设置的 cookie 不知何故是过期的 cookie。
我不得不将系统升级到.net core 2。
我发现两者的区别在于 set-cookie
。 path=/signin-oidc; secure
Date: Tue, 15 Jan 2019 10:53:04 GMT
Location: https://mysso.com/connect/authorize?client_id=8111797110243116117109&redirect_ur...
Server: Kestrel
Set-Cookie: .AspNetCore.Correlation.oidc.Iy3pTZ-akQm6BzLMCdBPLz1CAGTJ70QgQtjkY9Kvg1Y=N; expires=Tue, 15 Jan 2019 11:08:04 GMT; path=/signin-oidc; secure; httponly
Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8Oct5aw6xUJOnpJ_-0Ep-nSLfWIXgaEiH7y-0IN9tx61lNrxFhgAzLvLlBQfOfBBegyRJrEsIZFi00iuUt90cJ_bMQI_1XTVr0SiBCAJ9wqR2682VrYe2IbjIrFuB9d-Mmu-ztw-O2Htzd8Z36ndD8zPsgSCY_RD6JYVRe4MTfFBQbDZRxMQ3rgB_ulvSZmshD7vB4gvgcsbLyiY2wVuKzVGEKgJxgq23nxzkNKkL-vHm6w_41D_rZI5_V9hDsfrShFuTViZNttAes1fmA2jMTQ=N; expires=Tue, 15 Jan 2019 11:08:04 GMT; path=/signin-oidc; secure; httponly
X-Powered-By: ASP.NET``
我正在使用 ASP.NET 核心 1.1.2 和 OpenIDConnect 通过 IdentityServer 连接到单点登录服务器。
"Microsoft.AspNetCore.Authentication.OpenIdConnect": "1.1.2"
现在我遇到了一个奇怪的问题,直到昨天才发生。
在重定向到 SSO 服务器之前应该创建的初始 cookie 没有在浏览器上创建。
在浏览器上使用开发人员控制台,我可以看到 Set-Cookie
header 但未存储 cookie。
Content-Length: 0
Date: Mon, 14 Jan 2019 18:50:10 GMT
Location: http://mysso.com/connect/authorize?client_id=8111797110116117109&redirect_uri=http%3A%...ZD7cNnuWSmAoGyk2kERmR4hemQKsP2OKNbABYvybQCrdCMggrggDuY-5ZXnCTFf3oG11cR4Eh5N3Uarh99MD1nvJZrO4WsWDO73OQrEjh-zK3AceJzjfB2GH0gKKw-51SpcUWNgSTbQe517
Server: Kestrel
Set-Cookie: .AspNetCore.Correlation.oidc.I3lU6aE3BFH_4uuJ6KlgbpFl6Dij_WC-nyhlbUfvAPI=N; expires=Mon, 14 Jan 2019 18:07:24 GMT; path=/; httponly
Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8BWkCPQm5ElIof7iuryYpWDHYvyls6nYDr84XfQAIcLzg0ktLHIGOP7Tp_eqbvDOTdcQqnKIIogwMad9tWSy9v8BPnN8VUBucuz8qc9kv5Pkpe5aCg9oh6dgQD79a-w8Lc9haFm_tOEze1Wzna3XG7OzcGhw8kwyU5j3K_sK3Z7Y-u3cE_pey9DVbBzZkZStJXpoNjG_HWJHBjuqv7ADfCc91Oi83Ieuk7bBue8md1v2WqvSji3ziHkqyw9FKTV44Iw2Kg4o8Rf_3G-Q9ITNwr8=N; expires=Mon, 14 Jan 2019 18:07:24 GMT; path=/; httponly
X-Powered-By: ASP.NET
我在创建之前检查了 cookie 是否已过期,但是它们都还有 10 分钟的时间才过期。
所有主流浏览器(edge、chrome、firefox)都会出现此问题,不仅是我的电脑,其他浏览器也是如此。
配置代码
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
Authority = Configuration["SSOConfig:ServerUrl"],
AuthenticationScheme = "oidc",
SignInScheme = AuthenticationScheme.Cookies,
RequireHttpsMetadata = false,
ClientId = Configuration["SSOConfig:ClientId"],
ClientSecret = Configuration["SSOConfig:ClientSecret"],
ResponseType = "code id_token",
Scope = { "openid", "offline_access" },
SaveTokens = false,
我尝试手动添加 cookie,它正在运行。
HttpContextAccessor.HttpContext.Response.Cookies.Append("Test", "test");
好像设置的 cookie 不知何故是过期的 cookie。
我不得不将系统升级到.net core 2。
我发现两者的区别在于 set-cookie
。 path=/signin-oidc; secure
Date: Tue, 15 Jan 2019 10:53:04 GMT
Location: https://mysso.com/connect/authorize?client_id=8111797110243116117109&redirect_ur...
Server: Kestrel
Set-Cookie: .AspNetCore.Correlation.oidc.Iy3pTZ-akQm6BzLMCdBPLz1CAGTJ70QgQtjkY9Kvg1Y=N; expires=Tue, 15 Jan 2019 11:08:04 GMT; path=/signin-oidc; secure; httponly
Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8Oct5aw6xUJOnpJ_-0Ep-nSLfWIXgaEiH7y-0IN9tx61lNrxFhgAzLvLlBQfOfBBegyRJrEsIZFi00iuUt90cJ_bMQI_1XTVr0SiBCAJ9wqR2682VrYe2IbjIrFuB9d-Mmu-ztw-O2Htzd8Z36ndD8zPsgSCY_RD6JYVRe4MTfFBQbDZRxMQ3rgB_ulvSZmshD7vB4gvgcsbLyiY2wVuKzVGEKgJxgq23nxzkNKkL-vHm6w_41D_rZI5_V9hDsfrShFuTViZNttAes1fmA2jMTQ=N; expires=Tue, 15 Jan 2019 11:08:04 GMT; path=/signin-oidc; secure; httponly
X-Powered-By: ASP.NET``