我是一位有用的助手,可以为您进行文本翻译。以下是需要翻译的内容:
Azure应用程序注册已正确配置,将https://mywebsite.com/signin-oidc作为重定向URL。我还添加了以下内容,以允许从代理转发标头:
我会克服这个问题,但似乎对此错误没有影响。
我正在处理一个与 .netcore3.1 应用相关的错误,这让我感到沮丧。
以下是我的设置:
在 Startup.cs 中:
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftWebApp(options =>
{
Configuration.Bind("AzureAd", options);
options.Events ??= new OpenIdConnectEvents();
options.Events.OnRedirectToIdentityProvider = async ctx =>
{
ctx.ProtocolMessage.RedirectUri = Configuration["AzureAd:RedirectUri"];
await Task.CompletedTask;
};
})
.AddMicrosoftWebAppCallsWebApi(Configuration, new[] { "user.read" })
.AddDistributedTokenCaches();
在我的应用程序设置中
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"ClientId": "ClientId",
"TenantId": "TenantId",
"RedirectUri": "https://mywebsite.com/signin-oidc",
"ClientSecret": "ClientSecret"
},
Azure应用程序注册已正确配置,将https://mywebsite.com/signin-oidc作为重定向URL。我还添加了以下内容,以允许从代理转发标头:
services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
});
// then in the Configure method
app.UseForwardedHeaders();
但我仍然遇到了这个困扰我的错误。我认为通过添加
ctx.ProtocolMessage.RedirectUri = Configuration["AzureAd:RedirectUri"];
我会克服这个问题,但似乎对此错误没有影响。
An unhandled exception occurred","Properties":{"CorrelationId":"c3393560-6ebe-41ce-99fc-693c1a387474","Path":"/signin-oidc","Method":"POST","exceptionMessage":"An error was encountered while handling the remote login.","exception":"System.Exception: An error was encountered while handling the remote login.\n ---> MSAL.NetCore.4.16.1.0.MsalServiceException: \n\tErrorCode: invalid_client\nMicrosoft.Identity.Client.MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details.You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS500112: The reply address 'http://mywebsite.com/signin-oidc' does not match the reply address 'https://mywebsite.com/signin-oidc' provided when requesting Authorization