如何解决Microsoft.Web.Identity nuget >=1.9.2 使用 401 响应中断 AppService/Azure AD 登录
使用托管在 Azure 应用服务(由 linux 应用服务计划支持)上的普通 vanilla(来自 VS2019 的开箱即用示例 asp.net 5 MVC Web 应用)进行测试。除了添加 [Authorize] 标记以针对来自默认控制器的单个视图进行测试之外,没有任何更改或添加。
Azure 中的默认应用服务,Azure AD 中的默认应用注册。
我注意到每个版本的 Microsoft.Web.Identity >=1.9.2 在应用服务中运行时都会中断(但在本地运行良好)。当尝试访问受保护的视图时,它将返回 401。降级到 1.9.1 会将我重定向到登录页面。是否有一些我遗漏的额外配置?
我的应用设置配置
"AzureAd": {
"Instance": "https://login.microsoftonline.com/","Domain": "mydomain.org","TenantId": "XXX","ClientId": "XXX","CallbackPath": "/signin-oidc","SignedOutCallbackPath": "/signout-oidc"
},
我的startup.cs
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"));
services.AddControllersWithViews(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new Authorizefilter(policy));
});
services.AddRazorPages()
.AddMicrosoftIdentityUI();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app,IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios,see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。