在使用Https的情况下没有问题,换成http后登录成功但是不能完成正常跳转,此问题搞了我好几个晚上,终于今晚搞定了。问题原因是在mvc客户端和服务端都需要进行cookie配置,原因是非https的情况下cookie的策略问题,所以需要在服务端和客户端都要进行配置。
服务端net6,需要添加如下代码
1 builder.Services.Configure<CookiePolicyOptions>(option => 2 { 3 option.MinimumSameSitePolicy = SameSiteMode.Strict; 4 option.Secure = CookieSecurePolicy.None; 5 }); 6 7 app.UseCookiePolicy();
mvc客户端
1 public void ConfigureServices(IServiceCollection services) 2 { 3 services.AddControllersWithViews(); 4 5 JwtSecurityTokenHandler.DefaultMapInboundClaims = false; 6 7 services.AddAuthentication(options => 8 { 9 options.DefaultScheme = "Cookies"; 10 options.DefaultChallengeScheme = "oidc"; 11 12 }) 13 .AddCookie("Cookies") 14 .AddOpenIdConnect("oidc", options => 15 { 16 options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; 17 options.Authority = "http://localhost:5001"; 18 options.RequireHttpsMetadata = false;//此处是取消https 19 20 options.ClientId = "mvc"; 21 options.ClientSecret = "secret"; 22 options.ResponseType = "code"; 23 options.Scope.Add("profile"); 24 options.GetClaimsFromUserInfoEndpoint = true; 25 26 options.SaveTokens = true; 27 28 29 //必须设置cookie signin-oidc 返回的cookie设置,这里是添加的代码 30 options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.None; 31 options.NonceCookie.SecurePolicy = CookieSecurePolicy.None; 32 options.CorrelationCookie.SameSite = SameSiteMode.Strict; 33 options.NonceCookie.SameSite = SameSiteMode.Strict; 34 35 36 options.Scope.Add("api1"); 37 options.Scope.Add("offline_access"); 38 }); 39 40 41 }
- identityserver4 identityserver 客户端 客户 问题identityserver4 identityserver客户端 客户 identityserver4 identityserver客户端 模式 identityserver4 identityserver证书 问题 identityserver4 identityserver问题 identityserver4 identityserver4 identityserver tokenrequestvalidator identityserver4 identityserver identityserver4 identityserver ocelot net6 identityserver4 identityserver net v4 identityserver4 identityserver密码 模式