net MVC 核心 Web 应用程序。我的应用程序使用 Okta 作为授权。从 VS 代码运行时它工作得很好,但是当我发布它并在 IIS 中创建应用程序,然后浏览它时,我收到一个
404错误:您的请求导致错误。 “redirect_uri”参数必须是客户端应用程序设置中的登录重定向 URI:https://myapp-admin.oktapreview.com/admin/app/oidc_client/instance/0qp0wpty1plmokgT09i7#tab-general
我已尝试按照 https://support.okta.com/help/s/article/The-redirect-uri-parameter-must-be-an-absolute-URI?language=en_US 的说明进行操作,但他们不会产生任何不同的结果,我真的很困惑为什么它在 VS code 中运行时工作正常,但在 IIS 中运行却不行。
在 Okta 中,我的登录重定向 URI 是 https://localhost:7128/okta-auth,我的注销重定向 URI 是 http://localhost:8080,仅由应用程序启动登录,并且我没有为启动登录设置任何内容URI。
在我的应用程序 appsettings.json 中,我设置了 Okta
"Okta": {
"Issuer": "https://myapp.oktapreview.com/oauth2/default",
"ClientId": "hidden",
"ClientSecret": "hidden",
"CallbackPath": "/okta-auth",
"Authority": "https://myapp.oktapreview.com/oauth2/default"
}
//启动.cs
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
namespace okta_aspnetcore_mvc_example
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddControllersWithViews();
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = "okta";
})
.AddCookie(options =>
{
})
//let users sign in with okta account
.AddOpenIdConnect("okta", options =>
{
options.Authority = Configuration["Okta:Authority"];
options.ClientId = Configuration["Okta:ClientId"];
options.ClientSecret = Configuration["Okta:ClientSecret"];
options.CallbackPath = Configuration["Okta:CallbackPath"];
options.ResponseType = OpenIdConnectResponseType.Code;
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
}
}
程序.cs
public class Program
{
public static void Main(string[] args)
{
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
var startup = new Startup(builder.Configuration); //startup class
startup.ConfigureServices(builder.Services); // Add services to the container.
builder.Services.AddControllersWithViews();
builder.Services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(
builder.Configuration.GetConnectionString("DefaultConnection")
));
builder.Services.AddRazorPages();
var app = builder.Build();
startup.Configure(app, app.Environment); // Configure the HTTP request pipeline.
// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthorization();
app.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
app.Run();
}
}
//LaunchSettings.json
{
"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:54230",
"sslPort": 44378
}
},
"profiles": {
"MyApp": {
"commandName": "Project",
"dotnetRunMessages": true,
"launchBrowser": true,
"applicationUrl": "https://localhost:7128;http://localhost:5082",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
},
"IIS Express": {
"commandName": "IISExpress",
"launchBrowser": true,
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
}
}
我将应用程序发布到文件夹,然后将该文件夹上传到 IIS 并将其转换为应用程序,并启用授权匿名身份验证
当我右键单击该应用程序并单击浏览时,我收到上述错误,我真的不知道为什么
确保应用程序托管在 iis 的端口 7128 上。您可以更改 iis 端口以匹配 7128,或更改 Okta 上的重定向 URI 以匹配 iis 上的端口