Мультитенантное веб-приложение с Asp .NET Core - PullRequest
/ 10 апреля 2019

Я получаю приведённую ниже ошибку после того, как настроил приложение как мультитенантное: «Произошло необработанное исключение при обработке запроса».

SecurityTokenInvalidIssuerException: IDX10205: Ошибка проверки издателя (issuer). Издатель: 'https://sts.windows.net/2566cb39-d9fg-5ad6-tryb-d1e2kl067a89/'. Не соответствует: validationParameters.ValidIssuer: 'null' или validationParameters.ValidIssuers: 'https://sts.windows.net/{tenantid}/'.

Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler + d__12.MoveNext () Заголовки Cookies запросов стека SecurityTokenInvalidIssuerException: IDX10205: Ошибка проверки эмитента. Эмитент: https://sts.windows.net/2096cb39-d9fd-4ad6-bbeb-d1e2be067a89/'. не соответствует: validationParameters.ValidIssuer: 'null' или validationParameters.ValidIssuers: «https://sts.windows.net/{tenantid}/'. Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler + d__12.MoveNext () System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (Задача) System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (Task задача) Microsoft.AspNetCore.Authentication.AuthenticationMiddleware + d__6.MoveNext () System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (Задача) System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (Task задача) Microsoft.AspNetCore.Session.SessionMiddleware + d__9.MoveNext () Microsoft.AspNetCore.Session.SessionMiddleware + d__9.MoveNext () System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (Задача) System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (Task задача) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware + d__7.MoveNext ()

Ниже приведен код startup.cs

    using System;
    using System.Collections.Generic;
    using System.IO;
    using System.Linq;
    using System.Threading.Tasks;
    using LPPlusUI.Models;
    using Microsoft.AspNetCore.Authentication;
    using Microsoft.AspNetCore.Authentication.Cookies;
    using Microsoft.AspNetCore.Authentication.JwtBearer;
    using Microsoft.AspNetCore.Authentication.OpenIdConnect;
    using Microsoft.AspNetCore.Builder;
    using Microsoft.AspNetCore.Hosting;
    using Microsoft.EntityFrameworkCore;
    using Microsoft.Extensions.Configuration;
    using Microsoft.Extensions.DependencyInjection;
    using Microsoft.Extensions.FileProviders;
    using Microsoft.IdentityModel.Tokens;
    using ReflectionIT.Mvc.Paging;
    namespace LPPlusUI
    {
        /// <summary>
        /// Host bootstrap for the LPPlusUI web application: registers authentication, session,
        /// MVC, paging and the EF Core context, then assembles the HTTP request pipeline.
        /// </summary>
        public class Startup
        {
            /// <summary>Keeps the configuration root handed over by the host.</summary>
            /// <param name="configuration">Application configuration (appsettings.json and other providers).</param>
            public Startup(IConfiguration configuration)
            {
                Configuration = configuration;
            }

            /// <summary>Configuration root used when binding options below.</summary>
            public IConfiguration Configuration { get; }

            /// <summary>
            /// Called by the runtime to add services to the container.
            /// </summary>
            /// <param name="services">Service collection being populated.</param>
            public void ConfigureServices(IServiceCollection services)
            {
                // Cookies hold the signed-in session; an unauthenticated request is challenged
                // through OpenID Connect.
                var authentication = services.AddAuthentication(auth =>
                {
                    auth.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                    auth.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
                });

                // AddAzureAd is a project extension that is not shown on this page; presumably it
                // is where the OpenID Connect handler and its token validation are set up.
                // The bound "AzureAd" section includes ClientSecret, so its real value should come
                // from a secret store rather than a source-controlled appsettings.json.
                authentication
                    .AddAzureAd(azureAd => Configuration.Bind("AzureAd", azureAd))
                    .AddCookie();

                services.AddDistributedMemoryCache();

                // Idle sessions expire after 30 minutes.
                services.AddSession(session => session.IdleTimeout = TimeSpan.FromMinutes(30));

                services.AddMvc();
                services.AddPaging();

                // The page shows only a placeholder literal here; a real connection string is a
                // credential and is better read from configuration than embedded in code.
                services.AddDbContext<LPPlusExamContext>(db => db.UseSqlServer(@"string"));
            }

            /// <summary>
            /// Called by the runtime to configure the HTTP request pipeline.
            /// </summary>
            /// <param name="app">Pipeline builder.</param>
            /// <param name="env">Hosting environment, used to pick the error-handling middleware.</param>
            public void Configure(IApplicationBuilder app, IHostingEnvironment env)
            {
                if (!env.IsDevelopment())
                {
                    app.UseExceptionHandler("/Home/Error");
                }
                else
                {
                    // Development only: the developer exception page renders stack traces such as
                    // the one quoted in the question, along with request details.
                    app.UseBrowserLink();
                    app.UseDeveloperExceptionPage();
                }

                // Middleware order is kept exactly: static files, session, authentication, MVC.
                app.UseStaticFiles();
                app.UseSession();
                app.UseAuthentication();
                app.UseMvc(routes => routes.MapRoute("default", "{controller=Home}/{action=Index}/{id?}"));
            }
        }
    }

Ниже приведен код из appsettings.json

    {
      "Logging": {
        "IncludeScopes": false,
        "LogLevel": {
          "Default": "Warning"
        }
      },
      "AzureAd": {
        "ClientId": "141b2123-d239-3568a-a713-4d4fg5781f57",
        "Domain": "lpstaging.onmicrosoft.com",
        "Instance": "https://login.microsoftonline.com/",
        "TenantId": "common",
        "CallbackPath": "/signin-oidc",
        "ClientSecret": "eVLSRM7yHjkjh678sghgjdGTh7shjkSgtGSU4=",
        "AppIDURL": "https://lpstaging.onmicrosoft.com/<app-id>",
        "ConfigView": "MVC"
      }
    }

1 Ответ

/ 10 апреля 2019

У меня это заработало со следующей конфигурацией:

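// Cookies carry the signed-in session; Azure AD (OpenID Connect) handles the sign-in challenge.
services.AddAuthentication(options =>
{
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddOpenIdConnect(options =>
{
    // AzureAdOptions is the project's own options class (not shown here). The bound "AzureAd"
    // section also holds ClientSecret; keep the real value in a secret store, not in a
    // source-controlled appsettings.json.
    var azureadoptions = new AzureAdOptions();
    Configuration.Bind("AzureAd", azureadoptions);

    options.ClientId = $"{azureadoptions.ClientId}";

    // With TenantId = "common" the metadata advertises the templated issuer
    // "https://sts.windows.net/{tenantid}/", which never equals a real token's issuer. That is
    // what makes the default issuer check fail with IDX10205.
    options.Authority = $"{azureadoptions.Instance}{azureadoptions.TenantId}";

    options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
    {
        ValidAudience = $"{azureadoptions.ClientId}",

        // Issuer validation stays ON. Setting ValidateIssuer = false silences IDX10205 but
        // accepts whatever "iss" the token carries. This validator accepts only issuers that
        // have the Azure AD per-tenant shape: the v1 form quoted in the error message, or the
        // "{Instance}{tenant}/v2.0" form.
        // For a single-tenant registration, drop the delegate and set
        // ValidIssuer = $"https://sts.windows.net/{azureadoptions.TenantId}/" instead.
        IssuerValidator = (issuer, securityToken, validationParameters) =>
        {
            Uri issuerUri;
            Guid tenantGuid;

            if (Uri.TryCreate(issuer, UriKind.Absolute, out issuerUri) && issuerUri.Segments.Length > 1)
            {
                // First path segment is the candidate tenant id.
                string tenantSegment = issuerUri.Segments[1].TrimEnd('/');

                // Compare the whole issuer string, not just a prefix, so extra path or host
                // material cannot slip through.
                bool hasTenantIssuerShape =
                    string.Equals(issuer, $"https://sts.windows.net/{tenantSegment}/", StringComparison.Ordinal) ||
                    string.Equals(issuer, $"{azureadoptions.Instance}{tenantSegment}/v2.0", StringComparison.Ordinal);

                if (hasTenantIssuerShape && Guid.TryParseExact(tenantSegment, "D", out tenantGuid))
                {
                    // NOTE(review): this proves the issuer is *an* Azure AD tenant, not that the
                    // tenant is one the application has onboarded. If sign-in must be limited to
                    // known customers, compare tenantGuid with your own tenant list here and
                    // fall through to the throw when it is absent.
                    return issuer;
                }
            }

            throw new Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException(
                $"Issuer '{issuer}' is not an Azure AD tenant issuer accepted by this application.");
        },
    };
})
.AddCookie();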