IdentityServer can be added to an existing ASP.NET Core MVC (Identity) project by installing it from NuGet and adding the code below, but using it as-is causes 404 errors during external login.

services
    .AddIdentityServer()
    .AddConfigurationStore(options =>
    {
        options.ConfigureDbContext = builder =>
            builder.UseSqlServer(connectionString,
                sql => sql.MigrationsAssembly(migrationsAssembly));
    })
    .AddOperationalStore(options =>
    {
        options.ConfigureDbContext = builder =>
            builder.UseSqlServer(connectionString,
                sql => sql.MigrationsAssembly(migrationsAssembly));
    })
    .AddAspNetIdentity<ApplicationUser>();

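External login sometimes fails with a 404 error. The cause turned out to be oversized .Identity.External.AspNetCore.Correlation.* cookies, and after some investigation this can be resolved with a SessionStore.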

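// Register the server-side ticket store; the cookie then carries only a key.
services.AddSingleton<ITicketStore, CacheTicketStore>();

// Resolve ITicketStore from the application's own container when the cookie
// options are built. Calling services.BuildServiceProvider() here would create
// a second container with its own copies of every singleton.
services.AddOptions<CookieAuthenticationOptions>(IdentityConstants.ExternalScheme)
    .Configure<ITicketStore>((options, store) => options.SessionStore = store);

services.AddOptions<CookieAuthenticationOptions>(IdentityConstants.ApplicationScheme)
    .Configure<ITicketStore>((options, store) => options.SessionStore = store);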

CacheTicketStore needs to implement the following methods:

Task<string> StoreAsync(AuthenticationTicket ticket);

Task RenewAsync(string key, AuthenticationTicket ticket);

Task<AuthenticationTicket> RetrieveAsync(string key);

Task RemoveAsync(string key);

The IMemoryCache / IDistributedCache services can also be accessed through DI in the constructor.
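One possible CacheTicketStore backed by IMemoryCache, given here as an added example rather than the code from the original post. It assumes services.AddMemoryCache() has been called; the key prefix and the one-hour fallback lifetime are illustrative choices.

```csharp
using System;
using System.Security.Cryptography;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.Extensions.Caching.Memory;

// Keeps the full AuthenticationTicket on the server; the cookie holds only the key.
public class CacheTicketStore : ITicketStore
{
    private const string KeyPrefix = "AuthTicket-"; // assumed prefix, not from the post
    private readonly IMemoryCache _cache;

    public CacheTicketStore(IMemoryCache cache) => _cache = cache;

    public async Task<string> StoreAsync(AuthenticationTicket ticket)
    {
        // The key acts as the session identifier, so it must be unguessable.
        var bytes = new byte[32];
        RandomNumberGenerator.Fill(bytes);
        var key = KeyPrefix + Convert.ToBase64String(bytes);
        await RenewAsync(key, ticket);
        return key;
    }

    public Task RenewAsync(string key, AuthenticationTicket ticket)
    {
        // Expire the cache entry together with the ticket so stale sessions are dropped.
        var options = new MemoryCacheEntryOptions();
        if (ticket.Properties.ExpiresUtc.HasValue)
            options.SetAbsoluteExpiration(ticket.Properties.ExpiresUtc.Value);
        else
            options.SetSlidingExpiration(TimeSpan.FromHours(1)); // assumed fallback
        _cache.Set(key, ticket, options);
        return Task.CompletedTask;
    }

    public Task<AuthenticationTicket> RetrieveAsync(string key)
    {
        // A missing or expired entry yields null, which the cookie handler rejects.
        _cache.TryGetValue(key, out AuthenticationTicket ticket);
        return Task.FromResult(ticket);
    }

    public Task RemoveAsync(string key)
    {
        _cache.Remove(key); // called on sign-out; invalidates the session server-side
        return Task.CompletedTask;
    }
}
```

An in-memory store loses every session on restart and is not shared between instances; behind a load balancer, store the ticket in IDistributedCache instead, serialized with TicketSerializer.Default.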