0

我在ASP.NET MVC 5網站上使用Google/Facebook/LinkedIn身份驗證。出於某種原因,偶爾會有一些用戶抱怨無法登錄,因爲他們會收到redirect_uri_mismatch錯誤。需要幫助解決redirect_uri_mismatch錯誤

正如我所說的,奇怪的是,這個錯誤似乎是間歇性發生的,而且只發生在某些用戶身上。我在下面包括我的代碼,以便您可以指出我做錯了什麼。

這裏是Startup.cs文件代碼

using System; 
using System.Collections.Generic; 
using System.Linq; 
using System.Security.Claims; 
using System.Web; 
using Owin; 
using Owin.Security.Providers.LinkedIn; 
using Microsoft.Owin.Security.Cookies; 
using Microsoft.Owin.Security.Facebook; 
using Microsoft.Owin.Security.Google; 

namespace myWebSite 
{ 
    public class Startup 
    { 
     public void Configuration(IAppBuilder app) 
     { 
      // Set up app to use cookies for authentication 
      var cookieOptions = new CookieAuthenticationOptions 
      { 
       AuthenticationType = "Cookies", 
       CookieSecure = CookieSecureOption.SameAsRequest, 
       ExpireTimeSpan = TimeSpan.FromMinutes(60), 
       SlidingExpiration = true, 
       LoginPath = new Microsoft.Owin.PathString("/Account/Login") 
      }; 
      app.UseCookieAuthentication(cookieOptions); 

      // Set up external authentication 
      var externalCookieOptions = new CookieAuthenticationOptions 
      { 
       AuthenticationType = "ExternalCookie", 
       CookieSecure = CookieSecureOption.SameAsRequest, 
       ExpireTimeSpan = TimeSpan.FromMinutes(10), 
       AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive, 
       CookieManager = new Helpers.SystemWebCookieManager() 
      }; 
      app.UseCookieAuthentication(externalCookieOptions); 

      #region Facebook Authentication 

      var fbOptions = new FacebookAuthenticationOptions 
      { 
       AuthenticationType = "Facebook", 
       AppId = "myFacebookAppIdGoesHere", 
       AppSecret = "myFacebookAppSecretGoesHere", 
       SignInAsAuthenticationType = "ExternalCookie", 
       Provider = new FacebookAuthenticationProvider 
       { 
        OnAuthenticated = async ctx => 
        { 
         var token = ctx.AccessToken; 

         var id = ctx.Id; 
         var firstName = ctx.User["first_name"]; 
         var middleName = ctx.User["middle_name"]; 
         var lastName = ctx.User["last_name"]; 
         var gender = ctx.User["gender"]; 
         var birthday = ctx.User["birthday"]; 
         var email = ctx.User["email"]; 
         var username = ctx.User["username"]; 

         ctx.Identity.AddClaim(new Claim("urn:myWebSite:AuthorityId", "1", ClaimValueTypes.String, "Facebook")); 

         if (id != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id.ToString(), ClaimValueTypes.String, "Facebook")); 
         } 
         if (firstName != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.GivenName, firstName.ToString(), ClaimValueTypes.String, "Facebook")); 
         } 
         if (middleName != null) 
         { 
          ctx.Identity.AddClaim(new Claim("urn:facebook:middle_name", middleName.ToString(), ClaimValueTypes.String, "Facebook")); 
         } 
         if (lastName != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.Surname, lastName.ToString(), ClaimValueTypes.String, "Facebook")); 
         } 
         if (gender != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.Gender, gender.ToString(), ClaimValueTypes.String, "Facebook")); 
         } 
         if (birthday != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.DateOfBirth, birthday.ToString(), ClaimValueTypes.String, "Facebook")); 
         } 
         if (email != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.Email, email.ToString(), ClaimValueTypes.String, "Facebook")); 
         } 

         ctx.Identity.AddClaim(new Claim("fb.token", token)); 
        }, 
        OnReturnEndpoint = async ctx => 
        { 
         if (ctx.Identity == null) 
         { 
          // User is not authenticated 
          throw new HttpException(403, "Unable to authenticate with Facebook..."); 
         } 
         else 
         { 
          if (ctx.Properties.Dictionary.ContainsKey("returnUrl")) 
          { 
           ctx.RedirectUri += "?returnUrl=" + ctx.Properties.Dictionary["returnUrl"]; 
          } 
         } 
        } 
       } 
      }; 
      fbOptions.Scope.Add("user_birthday"); 
      fbOptions.Scope.Add("email"); 
      app.UseFacebookAuthentication(fbOptions); 

      #endregion 

      #region Google Authentication 

      var googleOptions = new GoogleOAuth2AuthenticationOptions 
      { 
       AuthenticationType = "Google", 
       ClientId = "myGoogleClientIdGoesHere", 
       ClientSecret = "myGoogleClientSecretGoesHere", 
       SignInAsAuthenticationType = "ExternalCookie", 
       Provider = new GoogleOAuth2AuthenticationProvider 
       { 
        OnAuthenticated = async ctx => 
        { 
         var token = ctx.AccessToken; 

         var id = ctx.Id; 
         var firstName = ctx.GivenName; 
         var middleName = ctx.User["middle_name"]; 
         var lastName = ctx.FamilyName; 
         var gender = ctx.User["gender"]; 
         var birthday = ctx.User["birthday"]; 
         var email = ctx.Email; 
         var username = ctx.User["username"]; 

         ctx.Identity.AddClaim(new Claim("urn:myWebSite:AuthorityId", "3", ClaimValueTypes.String, "Google")); 

         if (id != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id.ToString(), ClaimValueTypes.String, "Google")); 
         } 
         if (firstName != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.GivenName, firstName.ToString(), ClaimValueTypes.String, "Google")); 
         } 
         if (middleName != null) 
         { 
          ctx.Identity.AddClaim(new Claim("urn:google:middle_name", middleName.ToString(), ClaimValueTypes.String, "Google")); 
         } 
         if (lastName != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.Surname, lastName.ToString(), ClaimValueTypes.String, "Google")); 
         } 
         if (gender != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.Gender, gender.ToString(), ClaimValueTypes.String, "Google")); 
         } 
         if (birthday != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.DateOfBirth, birthday.ToString(), ClaimValueTypes.String, "Google")); 
         } 
         if (email != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.Email, email.ToString(), ClaimValueTypes.String, "Google")); 
         } 

         ctx.Identity.AddClaim(new Claim("google.token", token)); 
        }, 
        OnReturnEndpoint = async ctx => 
        { 
         if (ctx.Identity == null) 
         { 
          // User is not authenticated 
          throw new HttpException(403, "Unable to authenticate with Google..."); 
         } 
         else 
         { 
          if (ctx.Properties.Dictionary.ContainsKey("returnUrl")) 
          { 
           ctx.RedirectUri += "?returnUrl=" + ctx.Properties.Dictionary["returnUrl"]; 
          } 
         } 
        } 
       } 
      }; 
      googleOptions.Scope.Add("openid"); 
      googleOptions.Scope.Add("email"); 
      googleOptions.Scope.Add("profile"); 

      app.UseGoogleAuthentication(googleOptions); 

      #endregion 

      #region LinkedIn Authentication 

      var linkedInOptions = new LinkedInAuthenticationOptions 
      { 
       AuthenticationType = "LinkedIn", 
       ClientId = "myLinkedInClientIdGoesHere", 
       ClientSecret = "myLinkedInClientSecretGoesHere", 
       SignInAsAuthenticationType = "ExternalCookie", 
       Provider = new LinkedInAuthenticationProvider 
       { 
        OnAuthenticated = async ctx => 
        { 
         var token = ctx.AccessToken; 

         var id = ctx.Id; 
         var firstName = ctx.User["first_name"]; 
         var middleName = ctx.User["middle_name"]; 
         var lastName = ctx.User["last_name"]; 
         var gender = ctx.User["gender"]; 
         var birthday = ctx.User["birthday"]; 
         var email = ctx.Email; 
         var username = ctx.User["username"]; 

         ctx.Identity.AddClaim(new Claim("urn:myWebSite:AuthorityId", "4", ClaimValueTypes.String, "LinkedIn")); 

         if (id != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id.ToString(), ClaimValueTypes.String, "LinkedIn")); 
         } 
         if (firstName != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.GivenName, firstName.ToString(), ClaimValueTypes.String, "LinkedIn")); 
         } 
         if (middleName != null) 
         { 
          ctx.Identity.AddClaim(new Claim("urn:linkedin:middle_name", middleName.ToString(), ClaimValueTypes.String, "LinkedIn")); 
         } 
         if (lastName != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.Surname, lastName.ToString(), ClaimValueTypes.String, "LinkedIn")); 
         } 
         if (gender != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.Gender, gender.ToString(), ClaimValueTypes.String, "LinkedIn")); 
         } 
         if (birthday != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.DateOfBirth, birthday.ToString(), ClaimValueTypes.String, "LinkedIn")); 
         } 
         if (email != null) 
         { 
          ctx.Identity.AddClaim(new Claim(ClaimTypes.Email, email.ToString(), ClaimValueTypes.String, "LinkedIn")); 
         } 

         ctx.Identity.AddClaim(new Claim("linkedin.token", token)); 
        }, 
        OnReturnEndpoint = async ctx => 
        { 
         if (ctx.Identity == null) 
         { 
          // User is not authenticated 
          throw new HttpException(403, "Unable to authenticate with LinkedIn..."); 
         } 
         else 
         { 
          if (ctx.Properties.Dictionary.ContainsKey("returnUrl")) 
          { 
           ctx.RedirectUri += "?returnUrl=" + ctx.Properties.Dictionary["returnUrl"]; 
          } 
         } 
        } 
       } 
      }; 

      app.UseLinkedInAuthentication(linkedInOptions); 

      #endregion 
     } 
    } 
} 

回答