The default requested state parameter value length is not supported for my external authorization request in identity server 4 .Net Core
1. Tried to customize the state parameter with the below code
    options.Events = new OpenIdConnectEvents
    {
        OnRedirectToIdentityProvider = (RedirectContext context) =>
        {
            //context.ProtocolMessage.SetParameter("CustomParameter", "Test");
            //context.Properties.Items.Add(OpenIdConnectDefaults.RedirectUriForCodePropertiesKey, context.ProtocolMessage.RedirectUri);
            //context.ProtocolMessage.State = context.Options.StateDataFormat.Protect(context.Properties);
            // The state is replaced with a bare GUID instead of the protected properties.
            context.ProtocolMessage.State = Guid.NewGuid().ToString();
            context.Response.Redirect(context.ProtocolMessage.CreateAuthenticationRequestUrl());
            context.HandleResponse();
            return Task.CompletedTask;
        }
    };
Getting the below error after authenticating with the external login screen.
    2021-08-25 15:17:52.713 +00:00 [ERR] An unhandled exception has occurred while executing the request.
    System.Exception: An error was encountered while handling the remote login.
     ---> System.Exception: Unable to unprotect the message.State.
       --- End of inner exception stack trace ---
       at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
       at IdentityServer4.Hosting.FederatedSignOut.AuthenticationRequestHandlerWrapper.HandleRequestAsync()
       at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
       at IdentityServer4.Hosting.BaseUrlMiddleware.Invoke(HttpContext context)
       at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)
Q1: Is there any way to customize the state parameter value? Default generated value length is my only concern.
Q2: Is it possible to set guid as status param value?
Please advise.
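The default context authentication properties are encrypted by the Protect method in OnRedirectToIdentityProvider, and then, from the state returned after successful authentication, they are decrypted by the Unprotect method in OnMessageReceived. We have to map a custom GUID to the protected string and later unprotect the authentication properties from that mapped data.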
    options.Events = new OpenIdConnectEvents
    {
        OnRedirectToIdentityProvider = (RedirectContext context) =>
        {
            //context.ProtocolMessage.SetParameter("CustomParameter", "Test");
            context.Properties.Items.Add(OpenIdConnectDefaults.RedirectUriForCodePropertiesKey, context.ProtocolMessage.RedirectUri);
            // Protect the properties as usual, keep the protected string in the cache,
            // and send only the GUID key as the state value.
            // CacheHelper is not shown here; SetMemoryCache is expected to return the key.
            context.ProtocolMessage.State = CacheHelper.SetMemoryCache(Guid.NewGuid().ToString(), context.Options.StateDataFormat.Protect(context.Properties));
            context.Response.Redirect(context.ProtocolMessage.CreateAuthenticationRequestUrl());
            context.HandleResponse();
            return Task.CompletedTask;
        },
        OnMessageReceived = (MessageReceivedContext context) =>
        {
            // Swap the GUID back for the protected string before it is unprotected.
            context.ProtocolMessage.State = CacheHelper.GetMemoryCache(context.ProtocolMessage.State);
            context.Properties = context.Options.StateDataFormat.Unprotect(context.ProtocolMessage.State);
            return Task.CompletedTask;
        },
        OnAuthorizationCodeReceived = (AuthorizationCodeReceivedContext context) =>
        {
            return Task.CompletedTask;
        }
    };
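The answer above calls a `CacheHelper` that the page does not show. The following is an added sketch of one possible implementation, not the answerer's code: the method signatures are inferred from the calls above, and the 15-minute lifetime and single-use removal are assumptions chosen so that a state handle cannot be replayed or linger indefinitely.

```csharp
using System;
using Microsoft.Extensions.Caching.Memory;

// Hypothetical CacheHelper: maps a short state handle to the protected state string.
public static class CacheHelper
{
    private static readonly IMemoryCache Cache = new MemoryCache(new MemoryCacheOptions());

    // Assumed lifetime: long enough for a user to complete the external login.
    private static readonly TimeSpan Lifetime = TimeSpan.FromMinutes(15);

    // Stores the protected state under the key and returns the key, so the
    // result can be assigned directly to ProtocolMessage.State.
    public static string SetMemoryCache(string key, string protectedState)
    {
        if (string.IsNullOrEmpty(key))
            throw new ArgumentException("A state handle is required.", nameof(key));
        if (string.IsNullOrEmpty(protectedState))
            throw new ArgumentException("Protected state is required.", nameof(protectedState));

        Cache.Set(key, protectedState, new MemoryCacheEntryOptions
        {
            AbsoluteExpirationRelativeToNow = Lifetime
        });
        return key;
    }

    // Returns the protected state for the handle, or null when the handle is
    // unknown, expired, or already used. The entry is removed on first read
    // so the same state value cannot be redeemed twice.
    public static string GetMemoryCache(string key)
    {
        if (string.IsNullOrEmpty(key))
            return null;
        if (!Cache.TryGetValue(key, out string protectedState))
            return null;

        Cache.Remove(key);
        return protectedState;
    }
}
```

A null return means the handle was not issued by this process or has expired, and the callback should be treated as a failed login. Because the cache is in-process, a deployment with more than one instance needs a shared store (for example `IDistributedCache`) for the handle to resolve on whichever instance receives the callback.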