Integrating with OpenIddict using OpenID Connect

Published: 2023-09-01 16:01:31  Author: 龙码精神

1. Set up the basic OIDC code

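using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;

builder.Services.AddAuthentication(options =>
{
    // The local session lives in a cookie; unauthenticated requests are challenged through OIDC.
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(options =>
{
    options.LoginPath = "/login";
    options.LogoutPath = "/logout";
    // Fixed 50-minute session lifetime with no sliding renewal.
    options.ExpireTimeSpan = TimeSpan.FromMinutes(50);
    options.SlidingExpiration = false;
})
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
    // Plain-HTTP metadata is accepted only because the authority runs on localhost; leave this true outside local testing.
    options.RequireHttpsMetadata = false;
    options.Authority = "http://localhost:5276/"; // the OpenIddict server
    options.ClientId = "mvc";
    // Implicit flow: the ID token and the access token are returned from the authorization endpoint.
    options.ResponseType = "id_token token";
    // The tokens are POSTed back to CallbackPath instead of travelling in the URL.
    options.ResponseMode = "form_post";
    // Test value; load the secret from configuration or a secret store rather than from source code.
    options.ClientSecret = "901564A5-E7FE-42CB-B10D-61EF6A8F3654";
    // Both paths must match the callback addresses registered for this client in OpenIddict.
    options.CallbackPath = PathString.FromUriComponent("/signin-oidc");
    options.SignedOutCallbackPath = PathString.FromUriComponent("/signout-oidc");
    options.Scope.Add("profile");
    options.Scope.Add("email");
});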

2. Register the callback address in the OpenIddict database

3. After startup, the app redirects to the login page

http://localhost:5276/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5148%252Fsignin-oidc%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%26response_mode%3Dform_post%26nonce%3D638291509198519562.YmYwMGU5MGUtMjk3Zi00YmQxLWEwNmUtZmYxNDk3YzEyOWNlYmRkMGI0ZTItMjlkYy00ZTE2LWFkMmQtZDUzZmVjNDliOWE2%26state%3DCfDJ8OrXxRMgxGRIhS4hwwFz0NPo_EevsZRjEK4SrwxMgFds9MzbYpf-5lYeboNorekCysTM8euEaYMoZVlqbsaOynqJ_mnKTVV0msrTY3yFT4ampo8wAKkV147ilzj8fWA94erS8HxNYAO6Nc2amdCUjSV8KcLH22tfm_wXoc6MuyEEIQvl_kxBpLbwdsp7-6LWHQlJeg8l1dngW0Il353GSV2IbsaRkBlCOqUduvRDBboUW-LDctffGnCAY2Xcibqo9KSQ9LGMMPTuZKyZJWPXy16o-_2o-QaJYJEC3-Y9DUHv%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D6.10.0.0%26prompt%3D
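
The login redirect above nests the whole authorization request inside ReturnUrl, so redirect_uri ends up URL-encoded twice. The following added example (not code from the original post) decodes a constructed URL of the same shape and checks the request against the callback assumed to be registered in step 2; the function names and REGISTERED_REDIRECTS are illustrative assumptions.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample with the same shape as the login redirect in step 3
# (nonce and state shortened to placeholders).
SAMPLE_LOGIN_URL = (
    "http://localhost:5276/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize"
    "%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5148"
    "%252Fsignin-oidc%26response_type%3Did_token%2520token"
    "%26scope%3Dopenid%2520profile%2520email%26response_mode%3Dform_post"
    "%26nonce%3DNONCE-PLACEHOLDER%26state%3DSTATE-PLACEHOLDER"
)

# Assumption: the callback address registered for client "mvc" in step 2.
REGISTERED_REDIRECTS = {"mvc": {"http://localhost:5148/signin-oidc"}}


def extract_authorize_params(login_url):
    """Decode the nested ReturnUrl and return the authorize request parameters."""
    outer = parse_qs(urlsplit(login_url).query)       # first decoding layer
    return_url = outer["ReturnUrl"][0]                # /connect/authorize?...
    inner = parse_qs(urlsplit(return_url).query)      # second decoding layer
    return {name: values[0] for name, values in inner.items()}


def audit_authorize_request(params, registered=REGISTERED_REDIRECTS):
    """Return a list of findings for one decoded authorization request."""
    findings = []
    redirect = params.get("redirect_uri", "")
    if redirect not in registered.get(params.get("client_id", ""), set()):
        findings.append("redirect_uri is not an exact match for a registered callback")
    parts = urlsplit(redirect)
    if parts.scheme != "https" and parts.hostname not in ("localhost", "127.0.0.1"):
        findings.append("non-HTTPS redirect_uri outside loopback")
    if "token" in params.get("response_type", "").split():
        findings.append("implicit flow: access token is returned from the authorize endpoint")
    for required in ("state", "nonce"):
        if not params.get(required):
            findings.append(f"missing {required}")
    if "openid" not in params.get("scope", "").split():
        findings.append("scope lacks openid, so this is not an OIDC request")
    return findings


if __name__ == "__main__":
    decoded = extract_authorize_params(SAMPLE_LOGIN_URL)
    for finding in audit_authorize_request(decoded) or ["no findings"]:
        print(finding)
```

For the request shape shown on this page the only finding is the implicit-flow one, which follows from ResponseType = "id_token token" in step 1.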

 

Obtain the authorization information

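Look at the cookies stored locally: the Cookies cookie belongs to the local client, and the Application cookie is issued by the server. When testing locally, watch out for the cookie same-origin (SameSite) issue: SameSite can be set to Lax; otherwise, set Secure to True.

Add the following on both the server and the local client: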

app.UseCookiePolicy(new CookiePolicyOptions { MinimumSameSitePolicy = SameSiteMode.Lax });