Identity Server 4 не работает при развертывании на веб-сайте Azure

Question

Я использую Identity Server и настраиваю его так, чтобы все мои основные сайты Asp.net и Asp.net могли использовать одну и ту же логику аутентификации. У меня есть Identity Server 4, работающий на .net core 2.1, работающем на моем компьютере, и демонстрационный клиент Asp.Net MVC 5, который работает на моем компьютере, но когда я развертываю часть Identity Server в Azure, я больше не могу проходить аутентификацию в MVC 5 клиент, хотя приложение работает нормально и позволяет мне войти в систему.

Это сообщение об ошибке, которое я продолжаю получать в клиенте MVC

   Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:


[SocketException (0x2746): An existing connection was forcibly closed by the remote host]
   System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult) +83
   System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult) +57

[IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.]
   System.Net.TlsStream.EndWrite(IAsyncResult asyncResult) +232
   System.Net.PooledStream.EndWrite(IAsyncResult asyncResult) +13
   System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar) +119

[WebException: The underlying connection was closed: An unexpected error occurred on a send.]
   System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult) +623
   System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar) +64

[HttpRequestException: An error occurred while sending the request.]
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   System.Net.Http.<FinishSendAsyncBuffered>d__58.MoveNext() +745
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__8.MoveNext() +362

[IOException: IDX20804: Unable to retrieve document from: 'https://login.somesite.com/.well-known/openid-configuration'.]
   Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__8.MoveNext() +666
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.IdentityModel.Protocols.OpenIdConnect.<GetAsync>d__3.MoveNext() +291
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task) +25
   Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__24.MoveNext() +1129

[InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://login.somesite.com/.well-known/openid-configuration'.]
   Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__24.MoveNext() +1586
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.OpenIdConnect.<ApplyResponseChallengeAsync>d__c.MoveNext() +575
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<ApplyResponseCoreAsync>d__b.MoveNext() +282
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<ApplyResponseAsync>d__8.MoveNext() +275
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<TeardownAsync>d__5.MoveNext() +160
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +815
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__5.MoveNext() +182
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +638
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__5.MoveNext() +182
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<DoFinalWork>d__2.MoveNext() +180
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) +69
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContext.EndFinalWork(IAsyncResult ar) +64
   System.Web.AsyncEventExecutionStep.InvokeEndHandler(IAsyncResult ar) +156
   System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +123

Конфигурация MVC 5 находится ниже

    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
    {
        ClientId = "mysite.tools",
        ClientSecret = "junkhere",
        Authority = Constants.BaseAddress,
        RedirectUri = "http://localhost:34341/",
        PostLogoutRedirectUri = "http://localhost:34341/",
        ResponseType = "code id_token",
        Scope = "openid email mysite.profile",
        RequireHttpsMetadata = System.Configuration.ConfigurationManager.AppSettings["OpenIdConnect.RequireHttpsMetadata"] != "false",
        BackchannelTimeout = new TimeSpan(0,10,0),                
        TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = "name",
            RoleClaimType = "role"
        },

        SignInAsAuthenticationType = "Cookies",

    });

Кажется настолько странным, что он работает только при локальном тестировании.

Answer 1

Итак, изучив свойства BackChannel и опровергнув это, я пошел и посмотрел на все параметры на сайте внутри Azure.Сайт настроен на использование https и имеет действующий сертификат SSL, но пока я не отключил параметр «Только HTTPS» в настройках SSL, он не работал.Кое-что о том, как Azure обрабатывает HTTPS-перенаправление, даже если вызов уже https тормозит процесс.