salesforce owin oauth 登录 returns 未经授权的响应
salesforce owin oauth login returns an unauthorized response
我目前正在尝试使用 owin 安全提供程序在我的网络应用程序上对 salesforce 用户进行身份验证。
更新:通过将 salesforceOptions.CallbackPath = new PathString("/callback"); 添加到 Startup.Auth.cs 文件,我可以导航到登录屏幕。但是,当我输入我的凭据时,我 return 进入了登录页面。函数 AuthenticationManager.GetExternalLoginInfo(); return 为空。
Salesforce settings (sample):
consumer key = abc
consumer secret = def
Selected OAuth scopes = basic (id, profile, email, address phone)
Callback url = http://localhost:12345/callback http://localhost:12345/account/externallogin
Enable for device flow = false
Require secret for web server flow = true
include custom attributes = false
include custom permissions = false
Creating the solution:
I created a MVC app with indivicual user authentication in vs 2015.
I added the NugetPackage Owin.Security.Providers.Salesforce
// Startup.Auth.cs class
public partial class Startup
{
public void ConfigureAuth(IAppBuilder app)
{
// Generated code
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
// I added this
var salesforceOptions = new SalesforceAuthenticationOptions
{
Endpoints =
new SalesforceAuthenticationOptions.SalesforceAuthenticationEndpoints
{
AuthorizationEndpoint =
"https://login.salesforce.com/services/oauth2/authorize",
TokenEndpoint = "https://login.salesforce.com/services/oauth2/token"
},
ClientId = "abc",
ClientSecret = "def"
};
// I added the following to get one step further:
salesforceOptions.CallbackPath = new PathString("/callback");
app.UseSalesforceAuthentication(salesforceOptions);
}
}
未对 web.config 或任何其他文件进行任何更改。当我 运行 应用程序时,我收到一个 salesforce 登录按钮。当我按下此按钮并输入我的凭据时,我被重定向到登录页面,没有登录详细信息。
我希望 return 我的登录信息在帐户控制器中的功能:
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
我可能缺少哪些设置?
未经授权的响应是 red herring。这与此无关。我在 google 登录期间收到了相同的 401,但效果很好
我找到了问题的答案。我设法找到一条隐藏在日志记录中的消息,它告诉我以下内容:
Stronger security is required
To access this website, update your web browser or upgrade your operating system to support TLS 1.1 or TLS 1.2.
TSL =>“传输层安全性”。
谷歌搜索后,我设法找到了 this 解决方案。通过将以下行添加到我的启动代码中,我解决了我的问题:
using System.Net;
public partial class Startup
{
public void ConfigureAuth(IAppBuilder app)
{
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11;
// rest of Startup.Auth.cs code
}
}
这样我就可以正常登录了
我目前正在尝试使用 owin 安全提供程序在我的网络应用程序上对 salesforce 用户进行身份验证。
更新:通过将 salesforceOptions.CallbackPath = new PathString("/callback"); 添加到 Startup.Auth.cs 文件,我可以导航到登录屏幕。但是,当我输入我的凭据时,我 return 进入了登录页面。函数 AuthenticationManager.GetExternalLoginInfo(); return 为空。
Salesforce settings (sample):
consumer key = abc
consumer secret = def
Selected OAuth scopes = basic (id, profile, email, address phone)
Callback url = http://localhost:12345/callback http://localhost:12345/account/externallogin
Enable for device flow = false
Require secret for web server flow = true
include custom attributes = false
include custom permissions = falseCreating the solution:
I created a MVC app with indivicual user authentication in vs 2015.
I added the NugetPackage Owin.Security.Providers.Salesforce
// Startup.Auth.cs class
public partial class Startup
{
public void ConfigureAuth(IAppBuilder app)
{
// Generated code
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
// I added this
var salesforceOptions = new SalesforceAuthenticationOptions
{
Endpoints =
new SalesforceAuthenticationOptions.SalesforceAuthenticationEndpoints
{
AuthorizationEndpoint =
"https://login.salesforce.com/services/oauth2/authorize",
TokenEndpoint = "https://login.salesforce.com/services/oauth2/token"
},
ClientId = "abc",
ClientSecret = "def"
};
// I added the following to get one step further:
salesforceOptions.CallbackPath = new PathString("/callback");
app.UseSalesforceAuthentication(salesforceOptions);
}
}
未对 web.config 或任何其他文件进行任何更改。当我 运行 应用程序时,我收到一个 salesforce 登录按钮。当我按下此按钮并输入我的凭据时,我被重定向到登录页面,没有登录详细信息。
我希望 return 我的登录信息在帐户控制器中的功能:
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
我可能缺少哪些设置?
未经授权的响应是 red herring。这与此无关。我在 google 登录期间收到了相同的 401,但效果很好
我找到了问题的答案。我设法找到一条隐藏在日志记录中的消息,它告诉我以下内容:
Stronger security is required
To access this website, update your web browser or upgrade your operating system to support TLS 1.1 or TLS 1.2.
TSL =>“传输层安全性”。
谷歌搜索后,我设法找到了 this 解决方案。通过将以下行添加到我的启动代码中,我解决了我的问题:
using System.Net;
public partial class Startup
{
public void ConfigureAuth(IAppBuilder app)
{
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11;
// rest of Startup.Auth.cs code
}
}
这样我就可以正常登录了