2017-08-09 107 views
0

I am implementing a REST API using ASP.NET Web API 2. I have the default AccountController implementation with the method // GET api/Account/ExternalLogin. User.Identity.IsAuthenticated always returns false.

[OverrideAuthentication]
[HostAuthentication(DefaultAuthenticationTypes.ExternalCookie)]
[AllowAnonymous]
[Route("ExternalLogin", Name = "ExternalLogin")]
public async Task<IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
    if (error != null)
    {
        return Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error));
    }

    if (!User.Identity.IsAuthenticated)
    {
        return new ChallengeResult(provider, this);
    }

    ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);

    if (externalLogin == null)
    {
        return InternalServerError();
    }

    if (externalLogin.LoginProvider != provider)
    {
        Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
        return new ChallengeResult(provider, this);
    }

    ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider,
        externalLogin.ProviderKey));

    bool hasRegistered = user != null;

    if (hasRegistered)
    {
        Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);

        ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
            OAuthDefaults.AuthenticationType);
        ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(UserManager,
            CookieAuthenticationDefaults.AuthenticationType);

        AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName);
        Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
    }
    else
    {
        IEnumerable<Claim> claims = externalLogin.GetClaims();
        ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
        Authentication.SignIn(identity);
    }

    return Ok();
}

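I have searched the internet and have not found anything that applies to this situation.

The URL I use:

https_://_www.dummydomain.com:43363/api/Account/ExternalLogin?provider=Google&response_type=token&client_id=self&redirect_uri=https%3A%2F%2Fwww.dummydomain.com%3A43363%2F&state=jI4zGXuaVvHI8qf9E0Nww3qBwke0YsYwD9AORwKBj3o1

Every external service (Google/FB) works correctly. I see that AspNet.ExternalCookie is set, but after being redirected back I am not authorized, and in AppController I get: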

{ 
    email:null, 
    hasRegistred: true, 
    loginProvaider: null 
} 

Update 1

The Properties dictionary of the Request property does not contain MS_UserPrincipal.

See the attached screenshot: Properties keys

Request.Properties["MS_HttpContext"] returns (see screenshot): MS_HttpContext object

Answers

0

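The HttpContext property cannot be used directly in an ApiController. To get it, you have to use the Request property, which is of type System.Net.Http.HttpRequestMessage. HttpRequestMessage has a Properties dictionary; you will find that the value of the key MS_UserPrincipal contains your IPrincipal object.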

+0

This does not work for me. MS_UserPrincipal seems to be missing. Please see the screenshot: https://www.screencast.com/t/FpMDjU1O.
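
A diagnostic action for the situation in this thread, reporting on a single request what the request context, the MS_UserPrincipal property key and the OWIN external-cookie middleware each see. This is an added example, not code from the question or the answer; the controller name and route are hypothetical, and it assumes the standard Web API 2 template with the OWIN and ASP.NET Identity packages installed.

```csharp
using System.Linq;
using System.Net.Http;
using System.Security.Principal;
using System.Threading.Tasks;
using System.Web.Http;
using Microsoft.AspNet.Identity;
using Microsoft.Owin.Security;

// Hypothetical debugging controller (name and route are assumptions, not from the post).
[RoutePrefix("api/AuthDiagnostics")]
public class AuthDiagnosticsController : ApiController
{
    // Same authentication filters as GetExternalLogin, so the request is
    // evaluated against the external cookie only.
    [OverrideAuthentication]
    [HostAuthentication(DefaultAuthenticationTypes.ExternalCookie)]
    [AllowAnonymous]
    [HttpGet, Route("WhoAmI")]
    public async Task<IHttpActionResult> WhoAmI()
    {
        // 1. Principal attached to the request context (what User returns).
        IPrincipal contextPrincipal = Request.GetRequestContext().Principal;

        // 2. The property key named in the answer; TryGetValue avoids a
        //    KeyNotFoundException when the key is absent.
        object legacyPrincipal;
        bool hasLegacyKey = Request.Properties.TryGetValue("MS_UserPrincipal", out legacyPrincipal);

        // 3. Ask the OWIN middleware directly whether it accepts the external cookie.
        AuthenticateResult external = await Request.GetOwinContext().Authentication
            .AuthenticateAsync(DefaultAuthenticationTypes.ExternalCookie);
        bool externalAccepted = external != null && external.Identity != null;

        // Cookie names only: the values are credentials and are never echoed back.
        string[] cookieNames = Request.Headers.GetCookies()
            .SelectMany(h => h.Cookies).Select(c => c.Name).ToArray();

        return Ok(new
        {
            cookieNames,
            contextAuthenticated = contextPrincipal != null
                && contextPrincipal.Identity != null
                && contextPrincipal.Identity.IsAuthenticated,
            hasLegacyKey,
            externalCookieAccepted = externalAccepted,
            externalAuthType = externalAccepted ? external.Identity.AuthenticationType : null
        });
    }
}
```

If the external cookie's name appears in cookieNames but externalCookieAccepted is false, the browser sent the cookie and the middleware did not accept it; if the name is absent, the cookie never reached this host. Remove the action once debugging is finished.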