问题
I'm trying to connect an ASP.NET application to Salesforce using OpenId, Currently this is my connecting code so far. I think I got everything except the redirect_uri parameter, which has to match the value on the other end exactly.
app.UseCookieAuthentication(x =>
{
x.AutomaticAuthenticate = true;
x.CookieName = "MyApp";
x.CookieSecure = CookieSecureOption.Always;
x.AuthenticationScheme = "Cookies";
});
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = new Dictionary<string, string>();
app.UseOpenIdConnectAuthentication(x =>
{
x.AutomaticAuthenticate = true;
x.Authority = "https://login.salesforce.com";
x.ClientId = "CLIENT_ID_HERE";
x.ResponseType = "code";
x.AuthenticationScheme = "oidc";
x.CallbackPath = new PathString("/services/oauth2/success");
//x.RedirectUri = "https://login.salesforce.com/services/oauth2/success";
x.Scope.Add("openid");
x.Scope.Add("profile");
x.Scope.Add("email");
});
But RedirectUri isn't a valid parameter to pass. What is the right way to set it?
回答1:
redirect_uri is automatically computed for you using the scheme, host, port and path extracted from the current request and the CallbackPath you specify.
x.RedirectUri = "https://login.salesforce.com/services/oauth2/success" looks highly suspicious (unless you work for Salesforce): don't forget it's the callback URL the user agent will be redirected to when the authentication flow completes, not the authorization endpoint of your identity provider.
So in your case, the user will be redirected to http(s)://yourdomain.com/services/oauth2/success. Is it the address you registered in your Salesforce options?
回答2:
You need to set an event listen for the OnRedirectToIdentityProvider
in your case:
x.Events.OnRedirectToIdentityProvider = async n =>
{
n.ProtocolMessage.RedirectUri = <Redirect URI string>;
await Task.FromResult(0);
}
来源:https://stackoverflow.com/questions/35976870/how-to-set-redirect-uri-parameter-on-openidconnectoptions-for-asp-net-core