我正在尝试为我的slackbot创建一个非常简单的页面,以便用户可以登录和注册。但是,即使使用他们生成的“使用松弛登录”按钮,我也会收到错误消息“ oauth状态丢失或无效。”。使用“添加到松弛”也会发生相同的错误。
我基于https://dotnetthoughts.net/slack-authentication-with-aspnet-core/创建了我的代码。即使它已经过时,但这也是我可以在网上找到的唯一示例。我试图弄清楚我需要进行哪些更改才能使其与dotnetcore 3和Slack 2.0一起使用,但是我已经不知所措了。
在我的服务中,在调用AddMvc等之前,我具有以下条件:>
services.AddAuthentication(options => options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme) .AddCookie(options => { options.Cookie.Name = "MyAuthCookieName"; options.Cookie.HttpOnly = true; options.Cookie.SecurePolicy = CookieSecurePolicy.Always; options.Cookie.MaxAge = TimeSpan.FromDays(7); options.ExpireTimeSpan = TimeSpan.FromDays(7); options.LoginPath = $"/login"; options.LogoutPath = $"/logout"; options.AccessDeniedPath = $"/AccessDenied"; options.SlidingExpiration = true; options.ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter; }) //.AddSlack(options => //{ // options.ClientId = Configuration["Slack:ClientId"]; // options.ClientSecret = Configuration["Slack:ClientSecret"]; //}); .AddOAuth("Slack", options => { options.ClientId = Configuration["Slack:ClientId"]; options.ClientSecret = Configuration["Slack:ClientSecret"]; options.CallbackPath = new PathString("/signin-slack"); options.AuthorizationEndpoint = $"https://slack.com/oauth/authorize"; options.TokenEndpoint = "https://slack.com/api/oauth.access"; options.UserInformationEndpoint = "https://slack.com/api/users.identity?token="; options.Scope.Add("identity.basic"); options.Events = new OAuthEvents() { OnCreatingTicket = async context => { var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint + context.AccessToken); var response = await context.Backchannel.SendAsync(request, context.HttpContext.RequestAborted); response.EnsureSuccessStatusCode(); var userObject = JObject.Parse(await response.Content.ReadAsStringAsync()); var user = userObject.SelectToken("user"); var userId = user.Value<string>("id"); if (!string.IsNullOrEmpty(userId)) { context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userId, ClaimValueTypes.String, context.Options.ClaimsIssuer)); } var fullName = user.Value<string>("name"); if (!string.IsNullOrEmpty(fullName)) { context.Identity.AddClaim(new Claim(ClaimTypes.Name, fullName, ClaimValueTypes.String, context.Options.ClaimsIssuer)); } } }; });
我的配置方法看起来像
app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); app.Map("/login", builder => { builder.Run(async context => { await context.ChallengeAsync("Slack", properties: new AuthenticationProperties { RedirectUri = "/" }); }); }); app.Map("/logout", builder => { builder.Run(async context => { await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); context.Response.Redirect("/"); }); }); app.UseEndpoints(endpoints => { endpoints.MapControllers(); endpoints.MapRazorPages(); });
除了“ oauth状态在无效时丢失”之外,如果在我的应用程序中我直接进入/ login我没有收到错误,但由于
User.Identity.IsAuthenticated
为假,因此我似乎没有登录。
我真的很茫然,可以使用一些非常感谢的帮助!
谢谢!
大量更新
我使日志进入松弛状态,但无法使添加到松弛按钮正常工作。
这是我的新服务:
services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; }) .AddCookie(options => { options.LoginPath = "/login"; options.LogoutPath = "/logout"; }) .AddSlack(options => { options.ClientId = Configuration["Slack:ClientId"]; options.ClientSecret = Configuration["Slack:ClientSecret"]; options.CallbackPath = $"{SlackAuthenticationDefaults.CallbackPath}?state={Guid.NewGuid():N}"; options.ReturnUrlParameter = new PathString("/"); options.Events = new OAuthEvents() { OnCreatingTicket = async context => { var request = new HttpRequestMessage(HttpMethod.Get, $"{context.Options.UserInformationEndpoint}?token={context.AccessToken}"); var response = await context.Backchannel.SendAsync(request, context.HttpContext.RequestAborted); response.EnsureSuccessStatusCode(); var userObject = JObject.Parse(await response.Content.ReadAsStringAsync()); var user = userObject.SelectToken("user"); var userId = user.Value<string>("id"); if (!string.IsNullOrEmpty(userId)) { context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userId, ClaimValueTypes.String, context.Options.ClaimsIssuer)); } var fullName = user.Value<string>("name"); if (!string.IsNullOrEmpty(fullName)) { context.Identity.AddClaim(new Claim(ClaimTypes.Name, fullName, ClaimValueTypes.String, context.Options.ClaimsIssuer)); } } }; });
每个@timur,我抓取了app.Map并使用了身份验证控制器:
public class AuthenticationController : Controller { [HttpGet("~/login")] public async Task<IActionResult> SignIn() { return Challenge(new AuthenticationProperties { RedirectUri = "/" }, "Slack"); } [HttpGet("~/signin-slack")] public IActionResult SignInSlack() { return RedirectToPage("/Index"); } [HttpGet("~/logout"), HttpPost("~/logout")] public IActionResult SignOut() { return SignOut(new AuthenticationProperties { RedirectUri = "/" }, CookieAuthenticationDefaults.AuthenticationScheme); } }
与Slack一样,提供了“添加到Slack”按钮。
<a href="https://slack.com/oauth/authorize?scope=incoming-webhook,commands,bot&client_id=#############"><img alt="Add to Slack" height="40" width="139" src="https://platform.slack-edge.com/img/add_to_slack.png" srcset="https://platform.slack-edge.com/img/add_to_slack.png 1x, https://platform.slack-edge.com/img/[email protected] 2x" /></a>
因此,当用户单击“登录”时,它将它们登录并得到他们的名称,等等。您会注意到,在我的身份验证控制器中,我添加了一个路径为“〜/ signin-slack”的函数,这是因为我手动添加了“ Options.CallbackPath”以添加状态参数。如果删除“ Options.CallbackPath”,则会收到一条错误消息,指出oauth状态丢失或无效。
所以,我不确定在Slack方面我缺少什么。它们听起来很简单!
很抱歉,发布/更新时间过长。感谢您的帮助。
我正在尝试为我的slackbot创建一个非常简单的页面,以便用户可以登录和注册。但是,即使使用他们生成的“使用松弛登录”按钮,我也会收到错误消息“ oauth状态为...
您提到的同一篇文章下面有一个指向AspNet.Security.OAuth.Providers源存储库的链接。这似乎相当活跃,并且支持其他OAuth目标(包括Slack)的HEAPS。
所以我想通了。登录完全与“添加到松弛”功能分开。