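【Question title】: Identity Server 4 not working when deployed to Azure Web Site
【Posted】: 2019-03-31 17:58:42
【Question description】:

I am using Identity Server and setting it up so that all of my various Asp.net and Asp.net core sites can use the same authentication logic. I have Identity Server 4 running on .net core 2.1 on my machine, and the demo client running on my machine is Asp.Net MVC 5, but when I deploy the Identity Server part to Azure, I can no longer authenticate in the MVC 5 client, even though the application seems to run fine and lets me log in.

This is the error message I keep getting in the MVC client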

   Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:


[SocketException (0x2746): An existing connection was forcibly closed by the remote host]
   System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult) +83
   System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult) +57

[IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.]
   System.Net.TlsStream.EndWrite(IAsyncResult asyncResult) +232
   System.Net.PooledStream.EndWrite(IAsyncResult asyncResult) +13
   System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar) +119

[WebException: The underlying connection was closed: An unexpected error occurred on a send.]
   System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult) +623
   System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar) +64

[HttpRequestException: An error occurred while sending the request.]
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   System.Net.Http.<FinishSendAsyncBuffered>d__58.MoveNext() +745
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__8.MoveNext() +362

[IOException: IDX20804: Unable to retrieve document from: 'https://login.somesite.com/.well-known/openid-configuration'.]
   Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__8.MoveNext() +666
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.IdentityModel.Protocols.OpenIdConnect.<GetAsync>d__3.MoveNext() +291
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task) +25
   Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__24.MoveNext() +1129

[InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://login.somesite.com/.well-known/openid-configuration'.]
   Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__24.MoveNext() +1586
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.OpenIdConnect.<ApplyResponseChallengeAsync>d__c.MoveNext() +575
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<ApplyResponseCoreAsync>d__b.MoveNext() +282
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<ApplyResponseAsync>d__8.MoveNext() +275
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<TeardownAsync>d__5.MoveNext() +160
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +815
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__5.MoveNext() +182
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +638
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__5.MoveNext() +182
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<DoFinalWork>d__2.MoveNext() +180
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) +69
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContext.EndFinalWork(IAsyncResult ar) +64
   System.Web.AsyncEventExecutionStep.InvokeEndHandler(IAsyncResult ar) +156
   System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +123

The MVC 5 configuration is as follows

    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
    {
        ClientId = "mysite.tools",
        ClientSecret = "junkhere",
        Authority = Constants.BaseAddress,
        RedirectUri = "http://localhost:34341/",
        PostLogoutRedirectUri = "http://localhost:34341/",
        ResponseType = "code id_token",
        Scope = "openid email mysite.profile",
        RequireHttpsMetadata = System.Configuration.ConfigurationManager.AppSettings["OpenIdConnect.RequireHttpsMetadata"] != "false",
        BackchannelTimeout = new TimeSpan(0,10,0),                
        TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = "name",
            RoleClaimType = "role"
        },

        SignInAsAuthenticationType = "Cookies",

    });

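It seems strange that it only works when testing locally.

【Comments】:

  • This happened to me a while ago. The problem was that the client was using the Windows default proxy, which blocked the connection to Azure. You can set the BackChannel property for this
  • @Camilo Terevinto What did you set the BackChannel property to? I tried setting it to Null to see if it would bypass some of this, but it just uses the default.

Tags: c# .net asp.net-mvc identityserver4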


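【Solution 1】:

So, after looking at the BackChannel property and ruling it out, I went and looked at all the settings on the site inside Azure. The site was set up to use https and had a valid SSL certificate, but it did not work until I turned off the "HTTPS Only" setting under SSL settings. Even though the calls were already https, how Azure handles the HTTPS redirect was getting in the way of the process.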
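A way to narrow down the backchannel failure shown in the stack trace while leaving HTTPS enforcement on the Identity Server site untouched, as an added example that is not part of the original question or answer: a .NET Framework 4.5+ console probe that requests the discovery document with the system proxy on and off and with each TLS protocol version, and does not follow redirects. The class and method names are hypothetical, the URL is the placeholder host from the stack trace, and treating the proxy and the TLS version as candidate causes is an assumption the page does not confirm.

```csharp
// Added diagnostic example; not code from the question or the answer.
using System;
using System.Net;
using System.Net.Http;

static class DiscoveryProbe // hypothetical name
{
    // Placeholder host copied from the stack trace in the question.
    const string MetadataUrl = "https://login.somesite.com/.well-known/openid-configuration";

    static void Main()
    {
        var protocols = new[] { SecurityProtocolType.Tls, SecurityProtocolType.Tls11, SecurityProtocolType.Tls12 };
        foreach (var useProxy in new[] { true, false })
        foreach (var protocol in protocols)
        {
            Console.WriteLine("proxy={0,-5} {1,-5} -> {2}", useProxy, protocol, Probe(useProxy, protocol));
        }
    }

    static string Probe(bool useProxy, SecurityProtocolType protocol)
    {
        // On .NET Framework, HttpClient sits on HttpWebRequest, which reads this process-wide setting.
        ServicePointManager.SecurityProtocol = protocol;
        using (var handler = new HttpClientHandler { UseProxy = useProxy, AllowAutoRedirect = false })
        using (var client = new HttpClient(handler) { Timeout = TimeSpan.FromSeconds(15) })
        using (var request = new HttpRequestMessage(HttpMethod.Get, MetadataUrl))
        {
            // Force a fresh connection so an earlier handshake is not reused.
            request.Headers.ConnectionClose = true;
            try
            {
                using (var response = client.SendAsync(request).GetAwaiter().GetResult())
                {
                    // A 3xx here means the endpoint redirects instead of serving the document.
                    return (int)response.StatusCode + " " + response.ReasonPhrase;
                }
            }
            catch (Exception ex)
            {
                // Report the innermost exception; in the question's trace that is the SocketException.
                var root = ex.GetBaseException();
                return "FAILED: " + root.GetType().Name + ": " + root.Message;
            }
        }
    }
}
```

Run it from the same machine and account as the MVC 5 client so that it picks up the same proxy and protocol defaults; a row that fails with the same SocketException as the stack trace identifies which combination the client is using.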
