第一次外部登录尝试重定向回登录操作，第二次有效

本文介绍了第一次外部登录尝试重定向回登录操作，第二次有效的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我在我的 ASP.Net MVC 5/WebApi 2 项目中使用 OWIN 的外部身份验证提供程序，但遇到了一个奇怪的问题.

I'm using OWIN's external authentication providers in my ASP.Net MVC 5 / WebApi 2 project and I've hit a strange problem.

登录工作流程与 SO 上的这里完全一样.用户点击登录页面，选择一个提供者并登录.我的问题是第一次点击提供者会重​​定向回相同的登录页面:

The login workflow is exactly like here on SO. User hits the login page, picks a provider and gets logged in. My problem is that the first click on a provider redirects back to the same login page:

localhost:57291/Account/Login?ReturnUrl=%2fAccount%2fExternalLogin

如果 ExternalLogin 操作缺少 AllowAnonymous 属性，这将是有意义的.

This would make sense if the ExternalLogin action would be lacking the AllowAnonymous attribute.

当用户第二次点击时，一切正常.

When the user clicks a second time everything works.

我也尝试过使用不同的浏览器，问题在 Chrome、IE11 和 Firefox 中是一致的.

I've also tried that with different browsers and the problem is consistent across Chrome, IE11 and Firefox.

登录.cshtml:

@using (Html.BeginForm("ExternalLogin", "Account", new { ReturnUrl = ViewBag.ReturnUrl })) { <fieldset> <legend>@Strings.ExternalAuthenticationProvidersDescription</legend> <p> @foreach (var p in Model.ExternalAuthenticationProviders) { <button type="submit" name="provider" value="@p.AuthenticationType" title="Log in using your @p.Caption account">@p.Caption</button> } </p> </fieldset> }

AccountController.cs

public class AccountController : Controller { ... [AllowAnonymous] [HttpPost] public ActionResult ExternalLogin(string provider, string returnUrl) { return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { loginProvider = provider, ReturnUrl = returnUrl })); } ... }

ChallengeResult.cs:

public class ChallengeResult : HttpUnauthorizedResult { public ChallengeResult(string provider, string redirectUrl) { LoginProvider = provider; RedirectUrl = redirectUrl; } public string LoginProvider { get; set; } public string RedirectUrl { get; set; } public override void ExecuteResult(ControllerContext context) { context.HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = RedirectUrl }, LoginProvider); } }

FilterConfig.cs

public class FilterConfig { public static void RegisterGlobalFilters(GlobalFilterCollection filters) { filters.Add(new HandleErrorAttribute()); // make all api controllers secure by default filters.Add(new AuthorizeAttribute()); } }

推荐答案

原来的问题是我的项目最初是作为 MVC 4 应用程序开始的，它在 web.config 中有这个导致问题:

Turns out the issue was that my project initially started out as an MVC 4 application which had this in web.config causing the issue:

<authentication mode="Forms"> <forms loginUrl="~/Account/Login" timeout="2880" /> </authentication>

我认为 OWIN 和 Forms 身份验证同时处于活动状态.

I think both OWIN and Forms authentication was active at the same time.