NET Core MVC Web应用程序,我正尝试将其发布并部署到IIS。我的应用程序使用Okta作为授权。当从VS代码运行时,它工作得很好,但当我发布它并在IIS中创建应用程序时,然后浏览它时,我收到404错误:
您的请求导致错误。'redirect_uri'参数必须是客户端应用程序设置中的登录重定向URI:https://myapp-admin.oktapreview.com/admin/app/oidc_client/instance/0qp0wpty1plmokgT09i7#tab-general
我试着按照https://support.okta.com/help/s/article/The-redirect-uri-parameter-must-be-an-absolute-URI?language=en_US的指令运行,但它们没有产生任何不同的结果,我真的很困惑,为什么它在VS代码中运行时可以正常工作,但在IIS中却不行。
在Okta中,我的登录重定向URI是https://localhost:7128/okta-auth,我的注销重定向URI是http://localhost:8080,登录仅由应用程序启动,我没有为启动登录URI设置任何内容。
在我的应用程序appsettings.json
中,我设置了Okta:
"Okta": {
"Issuer": "https://myapp.oktapreview.com/oauth2/default",
"ClientId": "hidden",
"ClientSecret": "hidden",
"CallbackPath": "/okta-auth",
"Authority": "https://myapp.oktapreview.com/oauth2/default"
}
//Startup.cs
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
namespace okta_aspnetcore_mvc_example
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddControllersWithViews();
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = "okta";
})
.AddCookie(options =>
{
})
//let users sign in with okta account
.AddOpenIdConnect("okta", options =>
{
options.Authority = Configuration["Okta:Authority"];
options.ClientId = Configuration["Okta:ClientId"];
options.ClientSecret = Configuration["Okta:ClientSecret"];
options.CallbackPath = Configuration["Okta:CallbackPath"];
options.ResponseType = OpenIdConnectResponseType.Code;
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
}
}
Program.cs:
public class Program
{
public static void Main(string[] args)
{
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
var startup = new Startup(builder.Configuration); //startup class
startup.ConfigureServices(builder.Services); // Add services to the container.
builder.Services.AddControllersWithViews();
builder.Services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(
builder.Configuration.GetConnectionString("DefaultConnection")
));
builder.Services.AddRazorPages();
var app = builder.Build();
startup.Configure(app, app.Environment); // Configure the HTTP request pipeline.
// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthorization();
app.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
app.Run();
}
}
launchSettings.json
:
{
"iisSettings": {
"windowsAuthentication": false,
"anonymousAuthentication": true,
"iisExpress": {
"applicationUrl": "http://localhost:54230",
"sslPort": 44378
}
},
"profiles": {
"MyApp": {
"commandName": "Project",
"dotnetRunMessages": true,
"launchBrowser": true,
"applicationUrl": "https://localhost:7128;http://localhost:5082",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
},
"IIS Express": {
"commandName": "IISExpress",
"launchBrowser": true,
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
}
}
我将应用程序发布到文件夹,然后将该文件夹上传到IIS,并将其转换为应用程序,并启用授权匿名身份验证。
当我右键点击应用程序并点击浏览我得到上述错误,我真的不知道为什么
1条答案
按热度按时间yhxst69z1#
确保应用程序托管在iis的端口7128上。您可以更改iis端口以匹配7128,或者更改Okta上的重定向URI以匹配iis上的端口