ASP.NET CORE MVC 在发布到 IIS 时不起作用,特别是 Okta 集成

问题描述 投票:0回答:1
我正在尝试发布并部署到 IIS 的

net MVC 核心 Web 应用程序。我的应用程序使用 Okta 作为授权。从 VS 代码运行时它工作得很好,但是当我发布它并在 IIS 中创建应用程序,然后浏览它时,我收到一个

404错误:您的请求导致错误。 “redirect_uri”参数必须是客户端应用程序设置中的登录重定向 URI:https://myapp-admin.oktapreview.com/admin/app/oidc_client/instance/0qp0wpty1plmokgT09i7#tab-general

我已尝试按照 https://support.okta.com/help/s/article/The-redirect-uri-parameter-must-be-an-absolute-URI?language=en_US 的说明进行操作,但他们不会产生任何不同的结果,我真的很困惑为什么它在 VS code 中运行时工作正常,但在 IIS 中运行却不行。

在 Okta 中,我的登录重定向 URI 是 https://localhost:7128/okta-auth,我的注销重定向 URI 是 http://localhost:8080,仅由应用程序启动登录,并且我没有为启动登录设置任何内容URI。

在我的应用程序 appsettings.json 中,我设置了 Okta 

  "Okta": {
    "Issuer": "https://myapp.oktapreview.com/oauth2/default",
    "ClientId": "hidden",
    "ClientSecret": "hidden",
    "CallbackPath": "/okta-auth",
    "Authority": "https://myapp.oktapreview.com/oauth2/default"
  }

//启动.cs

 using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

namespace okta_aspnetcore_mvc_example
{
    public class Startup
    {

        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {

            services.AddControllersWithViews();
            services.AddAuthentication(options =>
            {
                options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = "okta";

            })
                .AddCookie(options =>
                {
                })

                //let users sign in with okta account
                .AddOpenIdConnect("okta", options =>
                {
                    options.Authority = Configuration["Okta:Authority"];
                    options.ClientId = Configuration["Okta:ClientId"];
                    options.ClientSecret = Configuration["Okta:ClientSecret"];
                    options.CallbackPath = Configuration["Okta:CallbackPath"];
                    options.ResponseType = OpenIdConnectResponseType.Code;
                });
        }
        

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }
            app.UseHttpsRedirection();
            app.UseStaticFiles();

            app.UseRouting();

            app.UseAuthentication();

            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllerRoute(
                    name: "default",
                    pattern: "{controller=Home}/{action=Index}/{id?}");
            });
        }
    }
}

程序.cs

public class Program
{
    public static void Main(string[] args)
    {

        var builder = WebApplication.CreateBuilder(args);

        // Add services to the container.
        var startup = new Startup(builder.Configuration); //startup class

        startup.ConfigureServices(builder.Services); // Add services to the container.

        builder.Services.AddControllersWithViews();

        builder.Services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(
            builder.Configuration.GetConnectionString("DefaultConnection")
        ));

        builder.Services.AddRazorPages();

        var app = builder.Build();
        startup.Configure(app, app.Environment); // Configure the HTTP request pipeline.

        // Configure the HTTP request pipeline.
        if (!app.Environment.IsDevelopment())
        {
            app.UseExceptionHandler("/Home/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();

        app.UseRouting();

        app.UseAuthorization();

        app.MapControllerRoute(
            name: "default",
            pattern: "{controller=Home}/{action=Index}/{id?}");

        app.Run();

    }
}

//LaunchSettings.json

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:54230",
      "sslPort": 44378
    }
  },
  "profiles": {
    "MyApp": {
      "commandName": "Project",
      "dotnetRunMessages": true,
      "launchBrowser": true,
      "applicationUrl": "https://localhost:7128;http://localhost:5082",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    }
  }
}

我将应用程序发布到文件夹,然后将该文件夹上传到 IIS 并将其转换为应用程序,并启用授权匿名身份验证

当我右键单击该应用程序并单击浏览时,我收到上述错误,我真的不知道为什么

asp.net-mvc asp.net-core iis okta
1个回答
0
投票

确保应用程序托管在 iis 的端口 7128 上。您可以更改 iis 端口以匹配 7128,或更改 Okta 上的重定向 URI 以匹配 iis 上的端口

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.