Activities of "mc86"

你好 现在有问题,可能是什么导致的呢? 我使用https://authserver:28443/Passwordless/Login?userId=0630&token=123 跳转到authserver的Passwordless

可以正常跳转,跳转后进入页面开始验证.但是最终会跳转到Logout

` [HttpGet("Login")] public virtual async Task

 await UserManager.UpdateSecurityStampAsync(user);

  await SignInManager.SignInAsync(user, isPersistent: false);

 var blazorserver= "http://blazorserver:28444";
 return Redirect(blazorserver);

}`

BLAZOR -log

2025-09-18 10:41:00.187 +08:00 [INF] Request starting HTTP/1.1 GET http://master.aysdlrmyy.com:28444/ - null null 2025-09-18 10:41:00.187 +08:00 [INF] Executing endpoint '/ (/)' 2025-09-18 10:41:00.192 +08:00 [WRN] Could not find IdentityClientConfiguration for AbpMvcClient. Either define a configuration for AbpMvcClient or set a default configuration. 2025-09-18 10:41:00.192 +08:00 [INF] Start processing HTTP request GET https://master.aysdlrmyy.com:28445/api/abp/application-configuration?* 2025-09-18 10:41:00.192 +08:00 [INF] Sending HTTP request GET https://master.aysdlrmyy.com:28445/api/abp/application-configuration?* 2025-09-18 10:41:00.250 +08:00 [INF] Received HTTP response headers after 57.9971ms - 200 2025-09-18 10:41:00.250 +08:00 [INF] End processing HTTP request after 58.2247ms - 200 2025-09-18 10:41:00.251 +08:00 [WRN] Could not find IdentityClientConfiguration for AbpMvcClient. Either define a configuration for AbpMvcClient or set a default configuration. 2025-09-18 10:41:00.251 +08:00 [INF] Start processing HTTP request GET https://master.aysdlrmyy.com:28445/api/abp/application-localization?* 2025-09-18 10:41:00.251 +08:00 [INF] Sending HTTP request GET https://master.aysdlrmyy.com:28445/api/abp/application-localization?* 2025-09-18 10:41:00.392 +08:00 [INF] Received HTTP response headers after 141.242ms - 200 2025-09-18 10:41:00.392 +08:00 [INF] End processing HTTP request after 141.4583ms - 200 2025-09-18 10:41:00.394 +08:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: SettingManagement.Emailing

AUTH-SERVER 2025-09-18 10:41:00.070 +08:00 [INF] Request starting HTTP/2 GET https://master.aysdlrmyy.com:28443/Passwordless/Login?userId=admin&token=123 - null null 2025-09-18 10:41:00.073 +08:00 [INF] Executing endpoint 'Master9.Custom.PasswordlessController.Login (Master9.AuthServer)' 2025-09-18 10:41:00.073 +08:00 [INF] Route matched with {action = "Login", controller = "Passwordless", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task1[Microsoft.AspNetCore.Mvc.IActionResult] Login(System.String, System.String) on controller Master9.Custom.PasswordlessController (Master9.AuthServer). 2025-09-18 10:41:00.167 +08:00 [INF] AuthenticationScheme: Identity.Application signed in. 2025-09-18 10:41:00.169 +08:00 [INF] Executing RedirectResult, redirecting to http://master.aysdlrmyy.com:28444. 2025-09-18 10:41:00.169 +08:00 [INF] Executed action Master9.Custom.PasswordlessController.Login (Master9.AuthServer) in 96.0496ms 2025-09-18 10:41:00.169 +08:00 [INF] Executed endpoint 'Master9.Custom.PasswordlessController.Login (Master9.AuthServer)' 2025-09-18 10:41:00.171 +08:00 [INF] Request finished HTTP/2 GET https://master.aysdlrmyy.com:28443/Passwordless/Login?userId=admin&token=123 - 302 null null 101.0982ms 2025-09-18 10:41:05.135 +08:00 [INF] Request starting HTTP/2 GET https://master.aysdlrmyy.com:28443/connect/logout?post_logout_redirect_uri=http%3A%2F%2Fmaster.aysdlrmyy.com%3A28444%2Fsignout-callback-oidc&state=CfDJ8D2ygYFMKaZGvAEpZ3bmx8lReZ3O7KYHF1W13nbjz63FeaXjQWKJ-wBoj9J1H7UXTDAAAuB2CIFIwOXP2pJETFdea2hXUO2mpi9Jx2dBIVoS-6SwSZcCJ00gYo3K6eLy1wXoVpL82stixCDdakYY7pA&x-client-SKU=ID_NET9_0&x-client-ver=8.1.0.0 - null null 2025-09-18 10:41:05.136 +08:00 [INF] The request URI matched a server endpoint: "Logout". 2025-09-18 10:41:05.136 +08:00 [INF] The logout request was successfully extracted: { "post_logout_redirect_uri": "http://master.aysdlrmyy.com:28444/signout-callback-oidc", "state": "CfDJ8D2ygYFMKaZGvAEpZ3bmx8lReZ3O7KYHF1W13nbjz63FeaXjQWKJ-wBoj9J1H7UXTDAAAuB2CIFIwOXP2pJETFdea2hXUO2mpi9Jx2dBIVoS-6SwSZcCJ00gYo3K6eLy1wXoVpL82stixCDdakYY7pA", "x-client-SKU": "ID_NET9_0", "x-client-ver": "8.1.0.0" }. 2025-09-18 10:41:05.139 +08:00 [INF] The logout request was rejected because the specified post_logout_redirect_uri was invalid: http://master.aysdlrmyy.com:28444/signout-callback-oidc. 2025-09-18 10:41:05.139 +08:00 [INF] Request finished HTTP/2 GET https://master.aysdlrmyy.com:28443/connect/logout?post_logout_redirect_uri=http%3A%2F%2Fmaster.aysdlrmyy.com%3A28444%2Fsignout-callback-oidc&state=CfDJ8D2ygYFMKaZGvAEpZ3bmx8lReZ3O7KYHF1W13nbjz63FeaXjQWKJ-wBoj9J1H7UXTDAAAuB2CIFIwOXP2pJETFdea2hXUO2mpi9Jx2dBIVoS-6SwSZcCJ00gYo3K6eLy1wXoVpL82stixCDdakYY7pA&x-client-SKU=ID_NET9_0&x-client-ver=8.1.0.0 - 302 null null 4.0188ms 2025-09-18 10:41:05.141 +08:00 [INF] Request starting HTTP/2 GET https://master.aysdlrmyy.com:28443/Error?httpStatusCode=400 - null null 2025-09-18 10:41:05.213 +08:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)' 2025-09-18 10:41:05.213 +08:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared). 2025-09-18 10:41:05.221 +08:00 [INF] Executing ViewResult, running view ~/Views/Error/Default.cshtml. 2025-09-18 10:41:05.239 +08:00 [INF] Executed ViewResult - view ~/Views/Error/Default.cshtml executed in 17.2282ms. 2025-09-18 10:41:05.239 +08:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) in 25.4387ms 2025-09-18 10:41:05.239 +08:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'

好的 我试一下,谢谢~

1.请求autheserver的passwordlesscontroller. 完成signin 2.打开blazor server 或者wassm的有认证要求的页面 3.自动跳转到autheserver,无需输入密码 4.autheserver跳转回请求页面 是这也吗

能不能直接打开blazor sever的页面A,在A中请求passwordlesscontroller. 然后触发认证?

通过链接用一次性密码在authserver中完成登陆.

Chould you give me more infomation about how to do it ? like step by step. what i need to do in both blazor and AuthServer? thanks a lot.

I know they use Cookie or OpenID Connect , But I'd like to Know how Blazor Server and WASM implement Passwordless Login with auth server.

hi maliming how Blazor Server or WASM implement passwordless login. like use a link redrickt to Blazor Server and keep a user login. I had a EmployeeNumberGrantHandler too. ` public class EmployeeNumberGrantHandler : IOpenIddictServerHandler<OpenIddictServerEvents.HandleTokenRequestContext> { public static OpenIddictServerHandlerDescriptor Descriptor { get; } = OpenIddictServerHandlerDescriptor.CreateBuilder<OpenIddictServerEvents.HandleTokenRequestContext>() .UseScopedHandler

  private readonly IdentityUserManager _userManager;

  public EmployeeNumberGrantHandler(IdentityUserManager userManager)
  {
      _userManager = userManager;
  }

  public async ValueTask HandleAsync(OpenIddictServerEvents.HandleTokenRequestContext context)
  {
      try
      {
          if (!string.Equals(context.Request.GrantType, "employee_number", StringComparison.Ordinal))
              return ;

          var empNo = context.Request["employee_number"]?.ToString();
          var ts = context.Request["timestamp"]?.ToString();
          var signature = context.Request["signature"]?.ToString();

          if (string.IsNullOrEmpty(empNo) || string.IsNullOrEmpty(ts) || string.IsNullOrEmpty(signature))
          {
              context.Reject(OpenIddictConstants.Errors.InvalidRequest, "Missing parameters.");
              return  ;
          }

          // 1. 检查时间戳有效性
          if (!long.TryParse(ts, out var ticks) ||
              DateTime.UtcNow - new DateTime(ticks, DateTimeKind.Utc) > TimeSpan.FromMinutes(5))
          {
              context.Reject(OpenIddictConstants.Errors.InvalidGrant, "Expired timestamp.");
              return  ;
          }

          // 2. 验证签名
          var raw = $"{empNo}:{ts}";
          if (!VerifySignature(raw, signature, "SuperSecretSharedKey123!"))
          {
              context.Reject(OpenIddictConstants.Errors.InvalidGrant, "Invalid signature.");
              return  ;
          }

          // 3. 查找用户
          var user = await _userManager.FindByNameAsync(empNo);
          if (user == null)
          {
              context.Reject(OpenIddictConstants.Errors.InvalidGrant, "User not found.");
              return;
          }

          // 4. 创建 ClaimsIdentity
          var identity = new ClaimsIdentity(
              TokenValidationParameters.DefaultAuthenticationType,
              OpenIddictConstants.Claims.Name,
              OpenIddictConstants.Claims.Role);

          // subject（必须）
          var subject = new Claim(OpenIddictConstants.Claims.Subject, user.Id.ToString());
          subject.SetDestinations(OpenIddictConstants.Destinations.AccessToken,
                                  OpenIddictConstants.Destinations.IdentityToken);
          identity.AddClaim(subject);

          // 用户名
          var name = new Claim(OpenIddictConstants.Claims.Name, user.UserName ?? empNo);
          name.SetDestinations(OpenIddictConstants.Destinations.AccessToken,
                               OpenIddictConstants.Destinations.IdentityToken);
          identity.AddClaim(name);

          // 工号
          var empNoClaim = new Claim("employee_number", empNo);
          empNoClaim.SetDestinations(OpenIddictConstants.Destinations.AccessToken,
                                     OpenIddictConstants.Destinations.IdentityToken);
          identity.AddClaim(empNoClaim);

          // 5. 创建 principal
          var principal = new ClaimsPrincipal(identity);

          // 给 token 添加 scopes（至少 openid/profile，客户端必须要请求）
          principal.SetScopes(new[]
          {
              OpenIddictConstants.Scopes.OpenId,
              OpenIddictConstants.Scopes.Profile,
              OpenIddictConstants.Scopes.Email,
              OpenIddictConstants.Scopes.Roles
          }.Intersect(context.Request.GetScopes()));

          // 可以给 access_token 附加 API 资源
          principal.SetResources("resource_server");

          context.Principal = principal;
          context.SignIn(principal);
          context.HandleRequest(); 
      }
      catch (Exception ex)
      {
          context.Reject(OpenIddictConstants.Errors.InvalidGrant, ex.Message);
          return  ;
      }
     
       
  }

  private static bool VerifySignature(string raw, string signature, string secretKey)
  {
      using var hmac = new System.Security.Cryptography.HMACSHA256(System.Text.Encoding.UTF8.GetBytes(secretKey));
      var hash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(raw));
      var expected = Convert.ToBase64String(hash);
      return expected == signature;
  }

}`

Volo.Abp.AspNetCore.Mvc, Version=8.1.0.0

hi Can‘t reproduce this in a new template project. it seems in single-layer project the Volo.Abp.AspNetCore.Mvc.dll still references to Microsoft.AspNetCore.Mvc.Versioning

I 'v already cheked this pots. it doesn't work.