我在尝试将条带支付集成到系统时注意到了最初的问题。用户登录后,填写必要的详细信息后,将发送到 stripe 页面以完成付款。
支付成功后,他会被重定向到该网站。在这里,我需要访问有关用户的某些声明,我希望从
HTTPContext.Request.Identity.Claims
找到它们。
然而,没有任何索赔,甚至
HTTPContext.Request.Identity.Name
都是空的。
这是
startup.cs
和控制器代码。
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
BsonClassMap.RegisterClassMap<Customer>(
cm => {
cm.AutoMap();
cm.SetIgnoreExtraElements(true);
});
var mcaMongoDbConfig = Configuration.GetSection(nameof(SiteMongoDbConfig)).Get<SiteMongoDbConfig>();
var mongoDbSettings = Configuration.GetSection(nameof(SiteMongoDbConfig)).Get<SiteMongoDbConfig>();
services.AddIdentity<Customer, ApplicationRole>().AddDefaultUI()
.AddUserManager<UserManager<Customer>>()
.AddMongoDbStores<Customer, ApplicationRole, Guid>
(
mongoDbSettings.ConnectionString, mcaMongoDbConfig.Name
)
.AddSignInManager<SignInManager<Customer>>()
.AddDefaultTokenProviders();
services.AddRazorPages();
services.AddControllersWithViews();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseMigrationsEndPoint();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
}
}
到目前为止,控制器非常简单:
public class HomeController : Controller
{
private readonly ILogger<HomeController> _logger;
protected HttpContext context;
public HomeController(ILogger<HomeController> logger, IHttpContextAccessor httpContextAccessor)
{
_logger = logger;
context = httpContextAccessor.HttpContext;
}
public IActionResult Index()
{
var httpContext = context;
//context.Request.Identity.Name
return View();
}
public IActionResult Privacy()
{
return View();
}
[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
public IActionResult Error()
{
return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
}
}
用户从我需要访问声明的外部站点重定向到索引视图。这是一个简单的 HTML 文件
<html>
<body>
<a href ="https://localhost:43256"/>go back</a>
</body>
当用户从网站内部访问该页面时,声明可用,但当用户从外部链接重定向到该页面时,声明不可用..
一种理论可能是,当您从应用程序重定向 -> stripe 并返回时,cookie 会丢失。这是由于当今所有浏览器都支持 SameSite cookie 安全功能。
用户在 stripe 付款后,我会检查 cookie 是否包含在请求中。
为了补充这个答案,我写了一篇博客文章,更详细地介绍了该主题:调试 ASP.NET Core 中的 cookie 问题