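I've run into a problem: a web page that creates its cookie through WeChat authorized login.
The flow is: an unauthenticated user visits the web app -> is redirected to the WeChat authorization page -> the user grants authorization -> WeChat returns to the web app's callback endpoint, which sets the cookie.
The flow above does complete successfully, but the page keeps refreshing in a loop. It seems the cookie that was set is invalid.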
Startup.ConfigureServices
services.AddAuthentication("Cookies")
    .AddCookie("Cookies", options =>
    {
        options.LoginPath = "/api/Oauth/Login";
    })
    .AddJwtBearer("Bearer", options =>
    {
        options.Authority = identityUrl;
        options.RequireHttpsMetadata = false;
        options.Audience = "api1";
    });
public void Configure(IApplicationBuilder app,
    IWebHostEnvironment env
    ...)
{
    ...
    app.UsePathBase("basepath");
    ...
}
Redirect to the WeChat authorization page
/api/Oauth/Login
public ActionResult Login(string returnUrl)
{
    var state = "test-" + SystemTime.Now.Millisecond;
    ViewData["returnUrl"] = returnUrl;
    // This page guides the user to click to authorize
    string urlUserInfo = OAuthApi.GetAuthorizeUrl(_settings.Value.WeixinAppId, "http://XXX/basepath/api/Oauth/UserInfoCallback?returnUrl=" + returnUrl,
        state, OAuthScope.snsapi_userinfo);
    return Redirect(urlUserInfo);
}
WeChat callback
/api/Oauth/UserInfoCallback
...
HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
    new ClaimsPrincipal(claimsIdentity),
    new AuthenticationProperties()
    {
        IsPersistent = true,
        ExpiresUtc = DateTimeOffset.UtcNow.AddDays(1),
        AllowRefresh = true,
    });
Console.WriteLine(string.Format(@"用户{0}登陆成功。", UserCode));
Logs (the following log entries repeat in a loop while the login page refreshes repeatedly):
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler[7]
Cookies was not authenticated. Failure message: Unprotect ticket failed
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed. These requirements were not met:
DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
Request starting HTTP/1.1 GET http://XXXX/basepath/api/Oauth/Login?ReturnUrl=。。。
Executing RedirectResult, redirecting to https://open.weixin.qq.com/connect/oauth2/。。。。
Request starting HTTP/1.1 GET http://XXXX/basepath/api/Oauth/UserInfoCallback?returnUrl=
用户XXX登陆成功。
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler[10]
AuthenticationScheme: Cookies signed in.
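
The `Unprotect ticket failed` line in the log above is what the cookie handler reports when it cannot decrypt the cookie with its current Data Protection key ring. The console program below is an added example, not part of the original post, that reproduces that failure mode with two key rings standing in for two app instances or restarts; the key directories and the purpose string `demo-auth-ticket` are constructed for the demo, and whether this is the cause in the poster's deployment is an assumption.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;

static class UnprotectDemo
{
    // Constructed purpose string for the demo; both sides must use the same one.
    const string Purpose = "demo-auth-ticket";

    // Protects a payload with the key ring stored in writerDir, then tries to
    // read it back with the key ring stored in readerDir.
    static bool RoundTrips(string writerDir, string readerDir)
    {
        IDataProtector writer = DataProtectionProvider
            .Create(new DirectoryInfo(writerDir))
            .CreateProtector(Purpose);
        IDataProtector reader = DataProtectionProvider
            .Create(new DirectoryInfo(readerDir))
            .CreateProtector(Purpose);

        // Constructed stand-in for the serialized authentication ticket.
        string cookieValue = writer.Protect("user=XXX");
        try
        {
            return reader.Unprotect(cookieValue) == "user=XXX";
        }
        catch (CryptographicException)
        {
            // The reader's key ring does not contain the key that protected
            // the payload: the same situation as a failed ticket unprotect.
            return false;
        }
    }

    static void Main()
    {
        string root = Path.Combine(Path.GetTempPath(), "dp-demo-" + Guid.NewGuid().ToString("N"));
        string keysA = Path.Combine(root, "instance-a"); // hypothetical instance A
        string keysB = Path.Combine(root, "instance-b"); // hypothetical instance B

        // Each instance keeps its own keys: the cookie cannot be read.
        Console.WriteLine("separate key rings: " + RoundTrips(keysA, keysB));
        // Both instances read the same key directory: the cookie is readable.
        Console.WriteLine("shared key ring:    " + RoundTrips(keysA, keysA));

        Directory.Delete(root, recursive: true);
    }
}
```

The program needs the `Microsoft.AspNetCore.DataProtection.Extensions` package. In an ASP.NET Core app the corresponding setting is `services.AddDataProtection().PersistKeysToFileSystem(...)` pointing every instance at the same directory.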