Microsoft Authentication Logout not working
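【Title】: Microsoft Authentication Logout not working 【Posted】: 2020-11-30 08:21:29 【Question】: Been fighting with this for 2 days... need some help now.
I am working on a project using ASP.NET Core 3.1 with Razor Pages in Visual Studio 2019. The project has local accounts, with the ability to register other external accounts such as Microsoft, Facebook, etc. I followed the tutorial in the Microsoft documentation to set up Microsoft authentication, and while login works fine, logout does not clear the session.
To test the issue, I built the application from scratch with no modifications, followed the instructions, and I still get the same problem... logout does not redirect to Microsoft to sign out.
Experience: When I log in and/or register, an account is created in the dbo.AspNetUsers data table. I can log in with my Microsoft account without any problem, the redirect works, etc. When I log out, I get the standard ASP.NET logout page, but no Microsoft logout page. Now, when I go back and click Login, there is no prompt for a username/password. The problem here is that on a system with multiple users, if a user does not clear cookies and history, they will get access to the previous user's information... and they will not be able to log in, because the loop repeats until the cookies are cleared manually. I do not want to use the new Azure AD authentication because it does not work with local accounts, so it is not a fit for me at the moment, as it is still in preview.
My app registration settings are:
Redirect URIs
https://localhost:44323/
https://localhost:44323/signin-microsoft
Logout URL
https://localhost:44323/signout-oidc
Any pointers to help with the logout would be great.
Below is a sample of my code (which can be found in the Microsoft Docs Microsoft Account documentation):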
Startup.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.UI;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.EntityFrameworkCore;
using MSAuth.Data;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;

namespace MSAuth
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddDbContext<ApplicationDbContext>(options =>
                options.UseSqlServer(
                    Configuration.GetConnectionString("DefaultConnection")));
            services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
                .AddEntityFrameworkStores<ApplicationDbContext>();
            services.AddRazorPages();
            services.AddAuthentication().AddMicrosoftAccount(microsoftOptions =>
            {
                microsoftOptions.ClientId = Configuration["Authentication:Microsoft:ClientId"];
                microsoftOptions.ClientSecret = Configuration["Authentication:Microsoft:ClientSecret"];
            });
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseDatabaseErrorPage();
            }
            else
            {
                app.UseExceptionHandler("/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseStaticFiles();
            app.UseRouting();
            app.UseAuthentication();
            app.UseAuthorization();
            app.UseEndpoints(endpoints =>
            {
                endpoints.MapRazorPages();
            });
        }
    }
}
Logout.cshtml.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.Extensions.Logging;

namespace MSAuth.Areas.Identity.Pages.Account
{
    [AllowAnonymous]
    public class LogoutModel : PageModel
    {
        private readonly SignInManager<IdentityUser> _signInManager;
        private readonly ILogger<LogoutModel> _logger;

        public LogoutModel(SignInManager<IdentityUser> signInManager, ILogger<LogoutModel> logger)
        {
            _signInManager = signInManager;
            _logger = logger;
        }

        public void OnGet()
        {
        }

        public async Task<IActionResult> OnPost(string returnUrl = null)
        {
            // Clears the local Identity cookies only; no request goes to Microsoft.
            await _signInManager.SignOutAsync();
            _logger.LogInformation("User logged out.");
            if (returnUrl != null)
            {
                return LocalRedirect(returnUrl);
            }
            else
            {
                return RedirectToPage();
            }
        }
    }
}
_LoginPartial.cshtml
@using Microsoft.AspNetCore.Identity
@inject SignInManager<IdentityUser> SignInManager
@inject UserManager<IdentityUser> UserManager
<ul class="navbar-nav">
@if (SignInManager.IsSignedIn(User))
{
    <li class="nav-item">
        <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Manage/Index" title="Manage">Hello @User.Identity.Name!</a>
    </li>
    <li class="nav-item">
        <form class="form-inline" asp-area="Identity" asp-page="/Account/Logout" asp-route-returnUrl="@Url.Page("/", new { area = "" })" method="post">
            <button type="submit" class="nav-link btn btn-link text-dark">Logout</button>
        </form>
    </li>
}
else
{
    <li class="nav-item">
        <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Register">Register</a>
    </li>
    <li class="nav-item">
        <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Login">Login</a>
    </li>
}
</ul>
【Question comments】:
【Answer 1】: Don't use @if (SignInManager.IsSignedIn(User)) in _LoginPartial.cshtml; instead, change it to the injected field _signInManager. SignInManager is an injected class.
【Comments】:
【Answer 2】: Take a look at these
http://www.binaryintellect.net/articles/3d6ce8b3-cb62-42b7-bedc-5e7f2fb9d017.aspx
http://docs.identityserver.io/en/latest/topics/signout_external_providers.html
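It looks like signing out the external user is your responsibility...
public IActionResult SignOut(string signOutType)
{
    // "app": clear only the local application cookie.
    if (signOutType == "app")
        HttpContext.SignOutAsync().Wait();
    // "all": send the browser to the Microsoft logout endpoint.
    if (signOutType == "all")
        return Redirect("https://login.microsoftonline.com/common/oauth2/v2.0/logout");
    return RedirectToAction("Index");
}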
【Comments】:
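Added example (not from the thread or from the Microsoft template): a variant of the Logout page model that clears the local Identity cookies and then, only for sessions that signed in through the Microsoft provider, sends the browser to the logout endpoint quoted in answer 2. The use of `post_logout_redirect_uri`, and that the resulting URL is registered on the app registration, are assumptions.

```csharp
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.MicrosoftAccount;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;

namespace MSAuth.Areas.Identity.Pages.Account
{
    public class LogoutModel : PageModel
    {
        // Endpoint quoted in answer 2.
        private const string MicrosoftLogout =
            "https://login.microsoftonline.com/common/oauth2/v2.0/logout";

        private readonly SignInManager<IdentityUser> _signInManager;

        public LogoutModel(SignInManager<IdentityUser> signInManager)
        {
            _signInManager = signInManager;
        }

        public async Task<IActionResult> OnPost(string returnUrl = null)
        {
            // Read the claim before the cookie is cleared. Identity stores the
            // external provider name here for sign-ins done via external login.
            var provider = User.FindFirstValue(ClaimTypes.AuthenticationMethod);

            // Clears the application, external and two-factor cookies.
            await _signInManager.SignOutAsync();

            // Only accept local paths so returnUrl cannot become an open redirect.
            var localPath = Url.IsLocalUrl(returnUrl)
                ? Url.Content(returnUrl) : Url.Content("~/");

            if (provider != MicrosoftAccountDefaults.AuthenticationScheme)
            {
                return LocalRedirect(localPath); // local account: nothing more to do
            }

            // Absolute URL the provider sends the browser back to afterwards.
            // Assumption: this URL is registered on the app registration.
            var back = $"{Request.Scheme}://{Request.Host}{localPath}";
            return Redirect(
                $"{MicrosoftLogout}?post_logout_redirect_uri={Uri.EscapeDataString(back)}");
        }
    }
}
```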