我有身份服务器运行在我的本地开发机器上,这是好的,但一旦我在服务器上发布它(Azure VM),我开始有一些问题。
我现在遇到的问题是,我无法再将用户重定向到身份服务器,当我尝试这样做时,
无法从{domain}/. well-known/openid-configuration检索文档/无法从{domain}/.well-known/openid-configuration获取配置
我确实认为这可能与:
1.云闪DNS
- IIS未将用户重定向到新目标
- SSL(但我使用的是cloudflare SSL,所以我不知道这里出了什么问题)
我的配置如下所示
builder.Services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
}).AddCookie("Cookies", c => c.ExpireTimeSpan = TimeSpan.FromMinutes(10))
.AddOpenIdConnect("oidc", options =>
{
options.Authority = builder.Configuration["ApiUrls:Identity"];
options.GetClaimsFromUserInfoEndpoint = true;
options.ClientId = "DD";
options.ClientSecret = "Secret";
options.ResponseType = "code";
options.TokenValidationParameters.NameClaimType = "name";
options.TokenValidationParameters.RoleClaimType = "role";
options.Scope.Add("DD");
options.SaveTokens = true;
});
app.UseDeveloperExceptionPage();
IdentityModelEventSource.ShowPII = true;
ServicePointManager.Expect100Continue = true;
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();以前有人遇到过类似问题吗?
更新
这是网站产生的错误
An unhandled exception occurred while processing the request.
IOException: IDX20807: Unable to retrieve document from: '{domain}/.well-known/openid-configuration'. HttpResponseMessage: 'StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
Date: Sun, 27 Nov 2022 13:36:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkJDW9dWlc1yD5HbTg6xBj%2FIBskcJxGOPMLGrJCuP8GzY0%2Fs0sEMM6%2BVf3b9ywC6zT%2BjHmgzkO2QEcQntd%2FaHlzxknmce9FZWXAHcHfUaIYsAAEHugRrGb8xc6MHWzTxQZ8pB2xGeKcq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770b402c1e157697-LHR
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Type: text/html
}', HttpResponseMessage.Content: '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>404 - File or directory not found.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>404 - File or directory not found.</h2>
<h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3>
</fieldset></div>
</div>
</body>
</html>
'.
Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)
InvalidOperationException: IDX20803: Unable to obtain configuration from: '{domain}/.well-known/openid-configuration'.
Microsoft.IdentityModel.Protocols.ConfigurationManager<T>.GetConfigurationAsync(CancellationToken cancel)
1条答案
按热度按时间bvhaajcl1#
经过几天的搜索Stackoverflow和搜索互联网,我发现IdentityPool应该设置为LocalSystem才能允许通信通过。
当我从本地VisualStudio项目中调用API时,最有帮助的是什么。
一旦我得到(你没有权限访问这个文件夹),我改变了身份池和一切工作正常。