I just upgraded my project from .NET 7 to .NET 8, and OpenID Connect to AzureAD stopped working. The following code worked in .NET 7:
```csharp
authenticationBuilder.AddOpenIdConnect(authenticationScheme: "AzureAd", displayName: "Azure Active Directory", options =>
{
    string oidcInstance = configuration["AzureAd:Instance"]!;
    string oidcDomain = configuration["AzureAd:Domain"]!;
    string oidcClientId = configuration["AzureAd:ClientId"]!;
    string oidcTenantId = configuration["AzureAd:TenantId"]!;
    string oidcClientSecret = configuration["AzureAd:ClientSecret"]!;

    options.Authority = $"https://login.microsoftonline.com/{oidcTenantId}/v2.0/";
    options.RequireHttpsMetadata = false;
    options.ClientId = oidcClientId;
    options.ClientSecret = oidcClientSecret;
    options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
    options.TokenValidationParameters.IssuerValidator = AadIssuerValidator.GetAadIssuerValidator(oidcInstance).Validate;
    options.GetClaimsFromUserInfoEndpoint = true;
    options.MapInboundClaims = false;
    options.TokenValidationParameters.NameClaimType = "name";
    options.CallbackPath = new PathString("/signin-oidc");
    options.SignedOutCallbackPath = new PathString("/signout-callback-oidc");
    options.RemoteSignOutPath = new PathString("/signout-oidc");

    // Setting the following has no effect.
    //options.MetadataAddress = $"https://login.microsoftonline.com/{oidcTenantId}/v2.0/.well-known/openid-configuration";

    options.Events.OnUserInformationReceived = async userInformationReceivedContext =>
    {
        //...
    };
});
```
The following error occurs in .NET 8:

```
IOException: IDX20807: Unable to retrieve document from: 'https://login.microsoftonline.com/v2.0/.well-known/openid-configuration'. HttpResponseMessage: 'StatusCode: 400, ReasonPhrase: 'Bad Request', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
  Cache-Control: private
  Strict-Transport-Security: max-age=31536000; includeSubDomains
  X-Content-Type-Options: nosniff
  Access-Control-Allow-Origin: *
  Access-Control-Allow-Methods: GET, OPTIONS
  P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
  x-ms-request-id: 4379b336-fe23-4d6c-95c6-d71717573e00
  x-ms-ests-server: 2.1.16790.7 - SCUS ProdSlices
  X-XSS-Protection: 0
  Set-Cookie: fpc=Av3iPXMPIHBMgE-fomXi7KM; expires=Sun, 17-Dec-2023 02:58:22 GMT; path=/; secure; HttpOnly; SameSite=None
  Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; httponly
  Date: Fri, 17 Nov 2023 02:58:21 GMT
  Content-Type: application/json; charset=utf-8
  Content-Length: 649
}', HttpResponseMessage.Content: '{"error":"invalid_tenant","error_description":"AADSTS90002: Tenant 'v2.0' not found. Check to make sure you have the correct tenant ID and are signing into the correct cloud. Check with your subscription administrator, this may happen if there are no active subscriptions for the tenant. Trace ID: 4379b336-fe23-4d6c-95c6-d71717573e00 Correlation ID: 0c5cf6f7-311f-4122-a547-aaee24d3159e Timestamp: 2023-11-17 02:58:22Z","error_codes":[90002],"timestamp":"2023-11-17 02:58:22Z","trace_id":"4379b336-fe23-4d6c-95c6-d71717573e00","correlation_id":"0c5cf6f7-311f-4122-a547-aaee24d3159e","error_uri":"https://login.microsoftonline.com/error?code=90002"}'.
```
I would appreciate it if you could help.
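The metadata URL in the error above, https://login.microsoftonline.com/v2.0/.well-known/openid-configuration, has no tenant segment between the host and v2.0, so Azure AD reads v2.0 as the tenant name. As an added example (not part of the original post and not library code), here is a startup check that rejects such a URL before it reaches the authentication options; the names AadAuthorityCheck and RequireTenant and the sample URLs are assumptions made for illustration.

```csharp
using System;
using System.Linq;
using System.Text.RegularExpressions;

// Added example: AadAuthorityCheck and RequireTenant are hypothetical names.
public static class AadAuthorityCheck
{
    private static readonly string[] SharedTenants = { "common", "organizations", "consumers" };
    private static readonly Regex VersionSegment = new(@"^v\d+(\.\d+)*$", RegexOptions.IgnoreCase);

    // Returns the tenant segment of an Azure AD authority or metadata URL.
    // Throws when the URL is not absolute HTTPS, or when the first path
    // segment is missing or is an endpoint version such as "v2.0".
    public static string RequireTenant(string url)
    {
        if (!Uri.TryCreate(url, UriKind.Absolute, out var uri) || uri.Scheme != Uri.UriSchemeHttps)
            throw new ArgumentException($"Not an absolute https URL: '{url}'");

        string first = uri.AbsolutePath
            .Split('/', StringSplitOptions.RemoveEmptyEntries)
            .FirstOrDefault() ?? "";

        // A tenant is a GUID, one of the shared tenant aliases, or a domain name.
        bool looksLikeTenant =
            Guid.TryParse(first, out _) ||
            SharedTenants.Contains(first, StringComparer.OrdinalIgnoreCase) ||
            (!VersionSegment.IsMatch(first) && first.Contains('.')
                && Uri.CheckHostName(first) == UriHostNameType.Dns);

        if (!looksLikeTenant)
            throw new ArgumentException($"No tenant segment in '{url}' (first path segment: '{first}')");
        return first;
    }

    public static void Main()
    {
        // Constructed sample inputs; the GUID is a placeholder, not a real tenant.
        string[] samples =
        {
            "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/v2.0/",
            "https://login.microsoftonline.com/contoso.onmicrosoft.com/v2.0/",
            "https://login.microsoftonline.com/v2.0/.well-known/openid-configuration", // URL shape from the error
            "https://login.microsoftonline.com/",
        };
        foreach (string s in samples)
        {
            try { Console.WriteLine($"ok      {RequireTenant(s)}"); }
            catch (ArgumentException e) { Console.WriteLine($"reject  {e.Message}"); }
        }
    }
}
```

Calling such a check at startup on each authority string built from configuration makes a missing tenant ID fail at launch rather than at the first sign-in attempt.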
1 Answer
vvppvyoh1#
I tried using your code, and even I got a similar error code.
TokenValidationParameters.
TokenValidationParameters as below.
Program.cs file: