Ответ аутентификации был отклонен, потому что параметр состояния отсутствовал - PullRequest
/ 29 июня 2019

Я решил реализовать вход через Steam в ASP.NET Core 2.1 и использую для подключения NuGet-пакет AspNet.Security.OpenId.Steam. При вызове метода Signin страница клиента перенаправляется на Steam, а после входа Steam выполняет обратный вызов на мой сервер, но запрос не проходит аутентификацию и отклоняется ...

1-в Startup.cs

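/// <summary>
/// Builds the HTTP request pipeline and then runs the project's database migration helper.
/// </summary>
/// <param name="app">Pipeline builder the middleware is registered on.</param>
/// <param name="env">Hosting environment; decides whether diagnostic pages are enabled.</param>
/// <param name="configuration">Application configuration (not read in this method).</param>
/// <param name="applicationDbContext">Context on which <c>MigrateToLastChange()</c> is called.</param>
/// <param name="applicationDbContextBase">Base context (not read in this method).</param>
public void Configure(IApplicationBuilder app, IHostingEnvironment env, IConfiguration configuration, ApplicationDbContext applicationDbContext, ApplicationDbContextBase applicationDbContextBase)
{
    if (env.IsDevelopment())
    {
        // Detailed exception and database error pages print stack traces and query
        // details to the client, so they are registered for development only.
        // The original also registered them unconditionally after this block,
        // which made the environment check ineffective.
        app.UseDeveloperExceptionPage();
        app.UseDatabaseErrorPage();
    }
    else
    {
        app.UseHsts();
    }

    // Redirect plain-HTTP requests before any other middleware serves content or
    // reads credentials from them.
    app.UseHttpsRedirection();

    // NOTE(review): this policy accepts every origin, header and method, so any
    // website can call the API from a visitor's browser. Restrict it to the
    // known front-end origin(s) before deploying.
    app.UseCors(option => option.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin());
    app.UseStaticFiles();
    app.UseAuthentication();

    // NOTE(review): no UseMvc() call is visible in this excerpt; controllers need it
    // after UseAuthentication() - confirm it is registered elsewhere.

    AppHttpContext.Configure(app.ApplicationServices.GetRequiredService<IHttpContextAccessor>());

    // Presumably applies pending EF migrations at startup - verify against the helper.
    applicationDbContext.MigrateToLastChange();
}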

2 - в сервисе .cs

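/// <summary>
/// Registers MVC, ASP.NET Core Identity, the JWT bearer, cookie and Steam authentication
/// handlers, IIS options, the configuration singleton and the gallery file provider.
/// </summary>
/// <param name="services">Service collection to add the registrations to.</param>
/// <param name="configuration">Application configuration; the "Auth" section supplies the JWT settings.</param>
/// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
/// <exception cref="InvalidOperationException">
/// The "Auth" section or its SecurityKey is missing from configuration.
/// </exception>
public static IServiceCollection SetupNegatechApi(this IServiceCollection services, IConfiguration configuration)
{
    //TODO: add services here...

    services.AddMvc()
        .AddJsonOptions(options =>
        {
            options.SerializerSettings.ContractResolver =
                new CamelCasePropertyNamesContractResolver();
            options.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore;
        });

    // Assign the user and role models and the DbContext to Identity.
    services.AddIdentity<ApplicationIdentityUser, ApplicationIdentityRole>()
        .AddDefaultTokenProviders()
        .AddEntityFrameworkStores<ApplicationDbContextBase>();

    // Read the JWT settings and fail with a clear message instead of a
    // NullReferenceException when the section or the key is absent.
    var authInfo = configuration.GetSection("Auth").Get<AppSettings>();
    if (authInfo?.SecurityKey == null)
    {
        throw new InvalidOperationException("Configuration section \"Auth\" with a SecurityKey is required.");
    }

    // NOTE(review): this key signs every JWT. Where "Auth:SecurityKey" is stored is not
    // shown here; it should be a long random value kept out of source control.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(authInfo.SecurityKey));

    // Identity password policy and authentication handlers.
    services.Configure<IdentityOptions>(options =>
    {
        // NOTE(review): six characters with every character-class requirement
        // switched off is a weak policy; confirm this is intended.
        options.Password.RequiredLength = 6;
        options.Password.RequireNonAlphanumeric = false;
        options.Password.RequireUppercase = false;
        options.Password.RequireLowercase = false;
        options.Password.RequireDigit = false;
    })
    .AddAuthentication(option =>
    {
        option.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        option.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(option =>
    {
        // NOTE(review): no Authority or metadata address is configured in this block,
        // so this override looks unnecessary; prefer the default (true).
        option.RequireHttpsMetadata = false;
        option.SaveToken = true;

        option.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidIssuer = authInfo.Issuer,
            ValidAudience = authInfo.Audienc,
            IssuerSigningKey = signingKey,
            // No tolerance for clock drift: a token is rejected the moment it expires.
            ClockSkew = TimeSpan.Zero
        };
    })
    .AddCookie()
    .AddSteam(op =>
    {
        // NOTE(review): this binds the ROOT configuration onto the Steam options, so any
        // top-level key that matches an option name is applied. A dedicated section
        // would be safer - confirm which keys are expected here.
        configuration.Bind(op);
        op.ClaimsIssuer = authInfo.Issuer;
        op.SaveTokens = true;

        // CallbackPath is the endpoint the Steam handler itself listens on for the
        // provider's response. It must not be an MVC action and must differ from
        // AuthenticationProperties.RedirectUri. The original used
        // "/api/Steam/SteamCallBack" for both, so the handler's own post-login
        // redirect (which carries no state) was treated as a second callback and
        // rejected with "the state parameter was missing".
        op.CallbackPath = "/signin-steam";

        // NOTE(review): disables the HTTPS requirement for the provider metadata;
        // keep this for local debugging only.
        op.RequireHttpsMetadata = false;
    });

    services.Configure<IISOptions>(op => op.AutomaticAuthentication = false);

    // Register the configuration for dependency injection.
    services.AddSingleton<IConfiguration>(configuration);

    services.AddSingleton<IFileProvider>(new PhysicalFileProvider(Path.Combine(Directory.GetCurrentDirectory(), "wwwroot/$gallery")));

    return services;
}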

3 - в контроллере

    /// <summary>
    /// Starts the Steam sign-in and receives the browser once the sign-in has finished.
    /// </summary>
    [ApiController]
    [ApiExplorerSettings(GroupName = "public")]
    [Route("api/[controller]/[action]")]
    public class SteamController : BaseController
    {
        /// <summary>
        /// Issues an authentication challenge for the "Steam" scheme.
        /// </summary>
        /// <returns>A challenge result carrying the post-login redirect target.</returns>
        [HttpPost]
        public Task<IActionResult> Signin()
        {
            // NOTE(review): RedirectUri is where the browser is sent after the Steam handler
            // has processed the provider's response. It must differ from the handler's
            // CallbackPath; if both point at this controller's SteamCallBack action, the
            // handler re-processes its own redirect and fails on the missing state.
            var properties = new AuthenticationProperties();
            properties.RedirectUri = "/api/Steam/SteamCallBack";

            IActionResult challenge = Challenge(properties, "Steam");
            return Task.FromResult(challenge);
        }

        /// <summary>
        /// Landing action after sign-in; currently redirects to a fixed front-end URL.
        /// </summary>
        /// <param name="state">Bound from the request; not used.</param>
        /// <param name="openid">Bound from the request; not used.</param>
        /// <returns>A redirect to the front-end profile page.</returns>
        [HttpGet]
        public IActionResult SteamCallBack(string state, openid openid)
        {
            // Breakpoint placeholder.
            // NOTE(review): both parameters are bound from the request and can be set by
            // any caller. Never derive the signed-in user from them; read the identity
            // from the authenticated principal produced by the Steam handler instead.
            // The target below is a hard-coded plain-HTTP development address.
            const string profileUrl = "http://localhost:3000/profile?id=";
            return Redirect(profileUrl + "test");
        }
    }


    /// <summary>
    /// Binding model for the <c>openid.*</c> values on the callback request.
    /// The property names follow the OpenID 2.0 response parameter names.
    /// </summary>
    /// <remarks>
    /// NOTE(review): these values arrive as plain request data. Nothing in this class
    /// verifies <c>sig</c>, so they must not be trusted as proof of identity.
    /// Verification is presumably left to the Steam authentication handler - confirm.
    /// </remarks>
    public class openid
    {
        // Identifier the provider asserts for the user.
        public string claimed_id { get; set; }
        // Provider-local identifier for the user.
        public string identity { get; set; }
        // URL the provider was asked to send the response to.
        public string return_to { get; set; }
        // Per-response nonce issued by the provider.
        public string response_nonce { get; set; }
        // Handle of the association used to sign the response.
        public string assoc_handle { get; set; }
        // List of the fields covered by the signature.
        public string signed { get; set; }
        // Signature over the fields listed in "signed".
        public string sig { get; set; }
    }

4 - в HTML-файле

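<form id="steam_form" action="https://localhost:44315/api/Steam/Signin" method="post">
  <!-- Submit the login form to the API server. The original "//" line is not an
       HTML comment and would be rendered as visible text inside the form. -->
  <button type="submit"> Login</button>
</form>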

5 - результат: ошибка после обратного вызова http://s8.picofile.com/file/8365103326/Untitled.png

...