asp.net - 如何自定义 UseExternalSignInCookie？

Question

我正在使用 ASP.NET Identity 2.0 并尝试将“.AspNet.ExternalCookie”cookie 的域设置为“.mydomain.com”，因为我想从另一个子域读取 cookie。

一些解决方案说我可以更改此代码:

app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

对此:

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
    CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
    LoginPath = new PathString("/Account/Login"),
    CookieDomain = ".mydomain.com"
});

但我收到以下错误:

A default value for SignInAsAuthenticationType was not found in IAppBuilder Properties. This can happen if your authentication middleware are added in the wrong order, or if one is missing.

我的完整代码如下所示:

        public void ConfigureAuth(IAppBuilder app)
    {
        app.CreatePerOwinContext(ApplicationDbContext.Create);
        app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            Provider = new CookieAuthenticationProvider
            {
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                    validateInterval: TimeSpan.FromMinutes(30),
                    regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
            }
        });

        //app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
            CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
            LoginPath = new PathString("/Account/Login"),
            CookieDomain = ".mydomain.com",
            ExpireTimeSpan = TimeSpan.FromMinutes(5)
        });

        app.UseMicrosoftAccountAuthentication(
            clientId: "1",
            clientSecret: "1");

        app.UseTwitterAuthentication(
           consumerKey: "2",
           consumerSecret: "2");

        app.UseFacebookAuthentication(
           appId: "3",
           appSecret: "3");

        app.UseGoogleAuthentication();
    }

Answer 1

似乎有两种解决方案:

解决方案1:

添加

using Microsoft.Owin.Security;

添加

app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ExternalCookie);

在 app.UseCookieAuthentication(...) 之前

解决方案2:

添加

app.Properties["Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType"] = "ExternalCookie";

在 app.UseCookieAuthentication(...) 之前

还有 AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive如果用户从外部提供者进行身份验证，则应该添加它以便不会自动登录用户(它应该由应用程序控制，他应该只通过 ApplicationCookie 进行身份验证)。

        app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ExternalCookie);
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
            AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive,
            LoginPath = new PathString("/accounts/signin"),
            CookieHttpOnly = true,
            CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
            CookieDomain = ".mydomain.com"
        });