我在VS 2015中使用了Auth0-Mvc NuGet包(最新的0.9.1)和MVC 4.针对.NET 4.5.2
在局部视图中指定 @Html.AntiForgeryToken()
时,遇到了一个
“http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier”或“http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider”类型的声明未提供的ClaimsIdentity . 要使用基于声明的身份验证启用防伪令牌支持,请验证配置的声明提供程序是否在其生成的ClaimsIdentity实例上提供这两个声明 . 如果配置的声明提供程序使用不同的声明类型作为唯一标识符,则可以通过设置静态属性AntiForgeryConfig.UniqueClaimTypeIdentifier来配置它 .
使用其他advice for similar problem,我修改 Global.asax.cs
包括:
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;
}
这导致:
提供的ClaimsIdentity中没有“http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier”类型的声明 .
How can I modify my code to solve this ClaimsIdentity and nameidentifier issue?
我在社区中发现了任何修改 . 它确实有 @Html.AntiForgeryToken()
,所以我'm hoping there'是一个解决方案 .
我的 CallbackHandler.ashx
与NuGet包0.9.1中提供的相同
public void ProcessRequest(HttpContext context)
{
var token = client.ExchangeAuthorizationCodePerAccessToken(context.Request.QueryString["code"], ConfigurationManager.AppSettings["auth0:CallbackUrl"]);
var profile = client.GetUserInfo(token.AccessToken);
var user = new Dictionary<string, string>
{
{ "name", profile.Name??"" },
{ "email", profile.Email??"" },
{ "family_name", profile.FamilyName??"" },
{ "given_name", profile.GivenName??"" },
{ "gender", profile.Gender??"" },
{ "nickname", profile.Nickname??"" },
{ "picture", profile.Picture??"" },
{ "user_id", profile.UserId??"" },
{ "id_token", token.IdToken }
};
ClaimsCookie.ClaimsCookieModule.Instance.CreateSessionSecurityToken(user);
var claimedUser = new User
{
AccessToken = user["id_token"],
UserID = user["user_id"],
Name = user["name"],
Email = user["email"],
NickName = user["nickname"],
ProfilePicUrl = user["picture"]
};
//go save to database.
//then redirect to another URL