asp.net IDX21323:RequireNonce为“[PII被隐藏]”,OpenIdConnectProtocolValidationContext,Nonce为空

jhiyze9q  于 2022-11-19  发布在  .NET
关注(0)|答案(1)|浏览(218)

我知道有几个线程在同一个,但没有一个解决方案为我工作,有任何解决方案。奇怪的是,当我在IE中运行应用程序时,它在哪里工作,就像在边缘我进入这个问题
IDX21323:RequireNonce为“[PII被隐藏]”。OpenIdConnectProtocolValidationContext.Nonce为空,OpenIdConnectProtocol.ValidatedIdToken.负载.Nonce不为空。无法验证Nonce。如果不需要检查Nonce,请将OpenIdConnectProtocolValidator.RequireNonce设置为“false”。请注意,如果找到“Nonce”,则将对其进行计算。
下面是代码

public class Startup
{
    // The Client ID is used by the application to uniquely identify itself to Azure AD.
    string clientId = System.Configuration.ConfigurationManager.AppSettings["ClientId"];

    // RedirectUri is the URL where the user will be redirected to after they sign in.
    string redirectUri = System.Configuration.ConfigurationManager.AppSettings["RedirectUri"];

    // Tenant is the tenant ID (e.g. contoso.onmicrosoft.com, or 'common' for multi-tenant)
    static string tenant = System.Configuration.ConfigurationManager.AppSettings["Tenant"];

    // Authority is the URL for authority, composed by Microsoft identity platform endpoint and the tenant name (e.g. https://login.microsoftonline.com/contoso.onmicrosoft.com/v2.0)
    string authority = String.Format(System.Globalization.CultureInfo.InvariantCulture, System.Configuration.ConfigurationManager.AppSettings["Authority"], tenant);

    /// <summary>
    /// Configure OWIN to use OpenIdConnect 
    /// </summary>
    /// <param name="app"></param>
    public void Configuration(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            // Sets the ClientId, authority, RedirectUri as obtained from web.config
            ClientId = clientId,
            Authority = authority,
            RedirectUri = redirectUri,
            // PostLogoutRedirectUri is the page that users will be redirected to after sign-out. In this case, it is using the home page
            PostLogoutRedirectUri = redirectUri,
            Scope = OpenIdConnectScope.OpenIdProfile,
            // ResponseType is set to request the code id_token - which contains basic information about the signed-in user
            ResponseType = OpenIdConnectResponseType.CodeIdToken,
            // OpenIdConnectAuthenticationNotifications configures OWIN to send notification of failed authentications to OnAuthenticationFailed method
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                AuthenticationFailed = OnAuthenticationFailed
            }
        }
    );
    }

    /// <summary>
    /// Handle failed authentication requests by redirecting the user to the home page with an error in the query string
    /// </summary>
    /// <param name="context"></param>
    /// <returns></returns>
    private Task OnAuthenticationFailed(AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
    {
        context.HandleResponse();
        context.Response.Redirect("/?errormessage=" + context.Exception.Message);
        return Task.FromResult(0);
    }
}

我尝试了可用的选项,但没有任何工作,有任何可能的解决方案吗
已引用此OpenIdConnectProtocolValidationContext.Nonce was null

yjghlzjz

yjghlzjz1#

请尝试更新您的Microsoft.Owin.Security.OpenIdConnect软件包,使其与您的其他Owin软件包的版本号相匹配,如this related thread中所述。

Microsoft.Owin [4.1.1]
Microsoft.Owin.Security [4.1.1]
Microsoft.Owin.Security.Cookies [4.1.1]

如果您使用的是Google Chrome,请确保您也已更新到最新版本的Chrome,或在其他浏览器中测试。(This guide讨论了导致此错误的Chrome问题。

相关问题