У нас есть настройка аутентификации на основе файлов cookie, в которой мы обрабатываем пользователей. Мы используем ASP.NET Core 2.1 в Service Fabric.
У нас всё настроено так, что схема аутентификации на основе cookie при необходимости «переключается» (challenge) на аутентификацию OpenID Connect через Azure AD.
Страница входа Azure AD B2C загружается успешно, однако после входа мы получаем ошибку «Correlation failed». Как это исправить?
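/// <summary>
/// Registers the application's services: cookie policy options, CORS, authentication
/// (cookie scheme by default, OpenID Connect for challenges), MVC, session state,
/// the project cache helper and Swagger.
/// </summary>
/// <param name="services">The service collection the registrations are added to.</param>
public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(options =>
    {
        // This lambda determines whether user consent for non-essential cookies is needed for a given request.
        options.CheckConsentNeeded = context => true;
        // NOTE(review): these options are only applied by the cookie policy middleware
        // (app.UseCookiePolicy()); the Configure method shown with this code does not add it — confirm.
        options.MinimumSameSitePolicy = SameSiteMode.None;
    });

    services.AddCors();

    services.AddAuthentication(sharedOptions =>
        {
            // Requests are authenticated from the cookie; an unauthenticated request is
            // challenged through the OpenID Connect handler.
            sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        })
        // AddAzureAdB2C is not defined in this block; presumably it registers the OpenID Connect
        // handler from the "Authentication:AzureAdB2C" configuration section — verify.
        .AddAzureAdB2C(options => Configuration.Bind("Authentication:AzureAdB2C", options))
        .AddCookie(options =>
        {
            // 600 minutes (10 hours), renewed on activity because of SlidingExpiration.
            options.ExpireTimeSpan = TimeSpan.FromMinutes(600);
            options.SlidingExpiration = true;
            // The authentication cookie is a bearer credential: keep it out of reach of page
            // scripts so that a script-injection bug cannot read it.
            options.Cookie.HttpOnly = true;
            // NOTE(review): SameAsRequest marks the cookie Secure only when the app sees the
            // request as HTTPS. Behind a TLS-terminating proxy that depends on the request
            // scheme being restored correctly; if all traffic is HTTPS, CookieSecurePolicy.Always
            // is the safer setting — confirm against the deployment before changing.
            options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.SameAsRequest;
        });

    // NOTE(review): no data-protection configuration is visible here. When the service runs on
    // more than one node, the keys that protect the auth cookie and the OpenID Connect
    // state/correlation data must be shared between instances, otherwise a sign-in response
    // handled by a different node cannot be validated — confirm how keys are persisted.

    services.AddMvc();

    // AddDistributedMemoryCache is an in-process store: session data is not shared between
    // service instances.
    services.AddDistributedMemoryCache();
    services.AddSession(options =>
    {
        options.IdleTimeout = TimeSpan.FromHours(1);
        options.Cookie.HttpOnly = true;
        // Essential cookies are written even when consent has not been given.
        options.Cookie.IsEssential = true;
    });

    Utility.Caching.CachingConfig.ConfigureCache(services, hostingEnvironment);

    // Swagger is given the XML documentation file that sits next to the executing assembly.
    var xmlDocFileName = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
    Utility.Swagger.SwaggerConfig.ConfigureService(services, SwaggerApiVersion, SwaggerApiTitle,
        Path.Combine(AppContext.BaseDirectory, xmlDocFileName));
}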
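/// <summary>
/// Builds the HTTP request pipeline: forwarded headers, an optional request-scheme override,
/// error handling, static files, CORS, session, authentication, MVC routing and Swagger.
/// </summary>
/// <param name="app">The application builder the middleware is added to.</param>
/// <param name="env">The hosting environment, used to choose the error-handling middleware.</param>
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    var forwardedHeaderOptions = new ForwardedHeadersOptions
    {
        ForwardedHeaders =
            Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedHost |
            Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedFor |
            Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedProto
    };
    //SenseiLogger.Current.LogInformational(1, "KnownNetworks = " + String.Join<string>(", ", forwardedHeaderOptions.KnownNetworks.Select<Microsoft.AspNetCore.HttpOverrides.IPNetwork, string>(ipnet => ipnet.ToString())));
    // SenseiLogger.Current.LogInformational(1, "KnownProxies = " + String.Join<IPAddress>(", ", forwardedHeaderOptions.KnownProxies));
    // required for XForwardedHost/For to take effect; also seems to interfere with
    // XForwardedProto and caused redirect_uri to use http: instead of https:
    // NOTE(review): with both lists empty the middleware accepts X-Forwarded-* headers from any
    // sender, so the host, client IP and scheme the app sees are client-controllable unless only
    // the reverse proxy can reach this service. Prefer listing the proxy's addresses in
    // KnownProxies/KnownNetworks instead of clearing them.
    forwardedHeaderOptions.KnownProxies.Clear();
    forwardedHeaderOptions.KnownNetworks.Clear();
    app.UseForwardedHeaders(forwardedHeaderOptions);

    var config = new ConfigurationBuilder().AddJsonFile("sharedappsettings.json").Build();
    Tracking.SetConfiguration();

    // The configured scheme replaces whatever X-Forwarded-Proto produced above. It is applied
    // only when a value is present, so a missing "RequestScheme" key no longer sets
    // Request.Scheme to null.
    // NOTE(review): the scheme seen here feeds redirect_uri and Secure-cookie decisions; if it
    // differs from the scheme the browser actually uses, the sign-in correlation cookie may not
    // come back on the callback — a possible cause of "Correlation failed"; confirm.
    var requestScheme = config["RequestScheme"];
    if (!string.IsNullOrWhiteSpace(requestScheme))
    {
        app.Use((context, next) =>
        {
            context.Request.Scheme = requestScheme;
            return next();
        });
    }

    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }
    else
    {
        app.UseExceptionHandler("/Home/Error");
    }

    app.UseStaticFiles();

    // NOTE(review): AllowAnyOrigin() together with AllowCredentials() lets any website send
    // credentialed cross-origin requests to this app and read the responses; later ASP.NET Core
    // versions reject this combination. Replace with WithOrigins(...) naming the trusted origins.
    app.UseCors(builder => builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().AllowCredentials());

    // Session and authentication are added before MVC so that controllers run after them.
    app.UseSession();
    app.UseAuthentication();
    app.UseMvc(routes =>
    {
        routes.MapRoute(
            name: "default",
            template: "{controller=Home}/{action=Index}/{id?}");
    });

    Utility.Swagger.SwaggerConfig.ConfigureApplication(app, SwaggerApiVersion, SwaggerApiTitle);
    Tracking.TrackEvent(Assembly.GetEntryAssembly().GetName().Name + ".Started");
}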