我正在設置IdentityServer4,使用Example 8_EntityFramework作爲基礎。Google Auth不會返回IdentityServer4的一致ID
問題 - Google身份驗證似乎沒有返回一個可以鏈接回我的應用的一致ID。
看着這個StackOverflow post,一位用戶從文檔中聲稱'sid'會這樣做。但是,如果我重新啓動服務器並清除緩存,則SID會有所不同(請參閱下文),因此不要認爲它值得信賴。
繼另一種想法之後,我嘗試將UserInformationEndpoint
設置爲'https://www.googleapis.com/oauth2/v1/userinfo',但是完全失敗。
這裏是我的代碼auth服務器startup.js - 這幾乎是標準的example。
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
var connectionString = @"server={myserver};database=IdentityServer4.QuickStart;trusted_connection=yes";
var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
// configure identity server with in-memory users, but EF stores for clients and scopes
services.AddIdentityServer()
.AddSigningCredential(new X509Certificate2(@"{pathtocertificate}\{certname}.pfx", "{password}"))
//.AddTemporarySigningCredential()
.AddInMemoryUsers(Config.GetUsers())
.AddConfigurationStore(builder =>
builder.UseSqlServer(connectionString, options =>
options.MigrationsAssembly(migrationsAssembly)))
.AddOperationalStore(builder =>
builder.UseSqlServer(connectionString, options =>
options.MigrationsAssembly(migrationsAssembly)));
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
// this will do the initial DB population
InitializeDatabase(app);
loggerFactory.AddConsole(LogLevel.Debug);
app.UseDeveloperExceptionPage();
app.UseIdentityServer();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,
AutomaticAuthenticate = false,
AutomaticChallenge = false
});
app.UseGoogleAuthentication(new GoogleOptions
{
AuthenticationScheme = "Google",
DisplayName = "Google",
SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,
Scope = { "openid", "email" },
ClientId = "434483408261-55tc8n0cs4ff1fe21ea8df2o443v2iuc.apps.googleusercontent.com",
ClientSecret = "3gcoTrEDPPJ0ukn_aYYT6PWo"
});
app.UseStaticFiles();
app.UseMvcWithDefaultRoute();
}
谷歌驗證結果1
清除緩存,並重啓IdentityServer4 - 所有的按鍵改變!
有誰知道我可以用什麼鉤對陣我的資源服務器(即谷歌ID ABC始終爲我的用戶XYZ)嗎?