发表新帖
发表新帖

MVC 5 OWIN login with claims and AntiforgeryToken. Do I miss a ClaimsIdentity provider?

后端 未结
关注
6 1830
别那么骄傲
别那么骄傲 2021-02-01 23:43

I\'m trying to learn Claims for MVC 5 OWIN login. I try\'ed to keep it as simple as possible. I started with the MVC template and inserted my claims code (see below). I get an e

相关标签:
6条回答
  • 说谎
    2021-02-01 23:53

    I had a similar issue to this that turned out to be cookie related; I was developing two MVC sites simultaneously and because ASP.Net sites all use the same cookie name by default the two sites were interfering with each other. Clearing the cookies fixed the issue. There's more on this in my answer here.

    0 讨论(0)
  • 挽巷
    2021-02-01 23:54

    Your claim identity does not have ClaimTypes.NameIdentifier, you should add more into claim array:

    var claims = new List<Claim>
{
    new Claim(ClaimTypes.Name, "username"),
    new Claim(ClaimTypes.Email, "user@gmail.com"),
    new Claim(ClaimTypes.NameIdentifier, "userId"), //should be userid
};

    To map the information to Claim for more corrective:

    ClaimTypes.Name => map to username
ClaimTypes.NameIdentifier => map to user_id

    Since username is unique also, so you are able to use username for anti-forgery token support.

    0 讨论(0)
  • 生来不讨喜
    2021-02-01 23:58

    AntiForgeryConfig

    One way to solve it is to set AntiForgeryConfig to use other ClaimType.

    protected void Application_Start()
{
    AreaRegistration.RegisterAllAreas();

    WebApiConfig.Register(GlobalConfiguration.Configuration);
    FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
    RouteConfig.RegisterRoutes(RouteTable.Routes);
    BundleConfig.RegisterBundles(BundleTable.Bundles);

    AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.Email;
}

    Add NameIdentifier and IdentityProvider ClaimTypes

    Alternatively, you can add NameIdentifier and IdentityProvider ClaimTypes to your claims.

    List<Claim> _claims = new List<Claim>();
_claims.AddRange(new List<Claim>
{
    new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", _user.Email)),
    new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", _user.Email)
})

    See: https://stack247.wordpress.com/2013/02/22/antiforgerytoken-a-claim-of-type-nameidentifier-or-identityprovider-was-not-present-on-provided-claimsidentity/

    0 讨论(0)
  • 忘掉有多难
    2021-02-01 23:59

    Your Global.asax.cs file should be like this:

    namespace YOUR_PROJECT_NAME
{
    public class MvcApplication : System.Web.HttpApplication
    {
         protected void Application_Start()
         {
             AreaRegistration.RegisterAllAreas();
             RouteConfig.RegisterRoutes(RouteTable.Routes);
             AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;
         }
    }
}

    Means If its not like thta, You have to add this code to that:

    AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;

    and Don't forget yo change "YOUR_PROJECT_NAME" with yours.

    0 讨论(0)
  • 别那么骄傲
    2021-02-02 00:01

    I used this on Global.asax.cs Application_Start() and solved the error:

    AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.Name;

    0 讨论(0)
  • 不知归路
    2021-02-02 00:17

    In your Application_Start(), specify which Claim to use as the NameIdentifier:

    public class MvcApplication : System.Web.HttpApplication
{
    protected void Application_Start()
    {
        ...

        System.Web.Helpers.AntiForgeryConfig.UniqueClaimTypeIdentifier = 
            System.Security.Claims.ClaimTypes.NameIdentifier;

        ...
    }
}

    See: http://brockallen.com/2012/07/08/mvc-4-antiforgerytoken-and-claims/

    0 讨论(0)
 看不清?
提交回复
热议问题