_signInManager.GetExternalLoginInfoAsync() 为 Apple 登录返回 null
Posted
技术标签:
【中文标题】_signInManager.GetExternalLoginInfoAsync() 为 Apple 登录返回 null【英文标题】:_signInManager.GetExternalLoginInfoAsync() returns null for Apple Login 【发布时间】:2021-11-16 12:47:27 【问题描述】:我在使用 Microsoft Identity Framework 进行用户管理的 .Net Core Razor Pages 应用 (.Net 5) 中设置了“使用 Apple 登录”。
我遵循了 Scott 的 this 教程,它对我的 Apple 登录页面有所帮助。
但是在调用回调端点时成功登录后,我在_signInManager.GetExternalLoginInfoAsync()
方法调用中得到null
。
我最初的研究表明,ID 令牌可能不包含所需的数据。
这是正确的,因为 Apple 返回的 ID Token 不包含 email
或 name
,即使在 scope
中请求。
样品请求:https://appleid.apple.com/auth/authorize?client_id=net.demo.client&redirect_uri=https%3A%2F%2Fdemo.website.net%2Fsignin-apple&response_type=code%20id_token&scope=email%20name&response_mode=form_post&nonce=637679-omitted
这是从Startup.ConfigureServices()
方法调用的身份验证设置:
IdentityModelEventSource.ShowPII = true;
services.AddAuthentication(options =>
//options.DefaultAuthenticateScheme = "cookie";//Commented because this line was causing the Google login stop.
//options.DefaultChallengeScheme = "apple";//Commented because this line was causing the Google login stop.
)
.AddCookie("cookie")
.AddOpenIdConnect("apple", "Apple", async options =>
options.Authority = "https://appleid.apple.com"; // disco doc: https://appleid.apple.com/.well-known/openid-configuration
options.ResponseType = "code id_token";
options.SignInScheme = "cookie";
options.DisableTelemetry = true;
options.Scope.Clear(); // otherwise I had consent request issues
options.Scope.Add("email");
options.Scope.Add("name");
options.ClientId = "net.demo.client"; // Service ID
options.CallbackPath = "/signin-apple"; // corresponding to your redirect URI
options.Events.OnAuthorizationCodeReceived = context =>
context.TokenEndpointRequest.ClientSecret = TokenGenerator.CreateNewToken();
return Task.CompletedTask;
;
options.Events.OnRedirectToIdentityProvider = context =>
var builder = new UriBuilder(context.ProtocolMessage.RedirectUri);
builder.Scheme = "https";
builder.Port = -1;
context.ProtocolMessage.RedirectUri = builder.ToString();
return Task.FromResult(0);
;
options.UsePkce = false; // apple does not currently support PKCE (April 2021)
)
;
这里是回调端点:
public async Task<IActionResult> OnGetCallbackAsync(string returnUrl = null, string remoteError = null)
returnUrl = returnUrl ?? Url.Content("~/");
if (remoteError != null)
ErrorMessage = $"Error from external provider: remoteError";
return RedirectToPage("./Login", new ReturnUrl = returnUrl );
var info = await _signInManager.GetExternalLoginInfoAsync();//Returns null.
if (info == null)
ErrorMessage = "Error loading external login information.";
return RedirectToPage("./Login", new ReturnUrl = returnUrl );
//Code omitted...
【问题讨论】:
【参考方案1】:ASP.Net Identity 是否配置为使用“cookie”方案进行外部登录?
默认情况下它将使用IdentityConstants.ExternalScheme
。尝试使用:
options.SignInScheme = IdentityConstants.ExternalScheme;
而不是
options.SignInScheme = "cookie";
【讨论】:
以上是关于_signInManager.GetExternalLoginInfoAsync() 为 Apple 登录返回 null的主要内容,如果未能解决你的问题,请参考以下文章