Auth0 ASP.Net.Owin SSO验证cookie跨域

Question

我想在我的ASP.NET应用程序上使用Auth0 & OWIN在同一个域上设置SSO。我使用以下教程setup my Owin Context。

我配置了Auth0的cookie的名称&域与CookieAuthenticationOptions在startup.cs：

string auth0Domain = ConfigurationManager.AppSettings["auth0:Domain"]; 
string auth0ClientId = ConfigurationManager.AppSettings["auth0:ClientId"]; 
string auth0ClientSecret = ConfigurationManager.AppSettings["auth0:ClientSecret"]; 

// Enable Kentor Cookie Saver middleware 
app.UseKentorOwinCookieSaver(); 
// Set Cookies as default authentication type 
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); 
app.UseCookieAuthentication(new CookieAuthenticationOptions 
{ 
    //Add Cross domain 
    CookieName = "sso.example.com", 
    CookieDomain = ".example.com", 
    AuthenticationType = CookieAuthenticationDefaults.AuthenticationType, 
    LoginPath = new PathString("/Account/Login") 
}); 

我Auth0配置在Startup.cs：

var options = new Auth0AuthenticationOptions() 
     { 
      Domain = auth0Domain, 
      ClientId = auth0ClientId, 
      ClientSecret = auth0ClientSecret, 
      Provider = new Auth0AuthenticationProvider 
      { 

       OnAuthenticated = context => 
       { 
        // Get the user's country 
        JToken countryObject = context.User["https://example.com/geoip"]; 
        if (countryObject != null) 
        { 
         string countryCode = countryObject["country_code"].ToObject<string>(); 
         string Lat = countryObject["latitude"].ToObject<string>(); 
         string Long = countryObject["longitude"].ToObject<string>(); 
         string City = countryObject["city_name"].ToObject<string>(); 
         string Country = countryObject["country_name"].ToObject<string>(); 

         context.Identity.AddClaim(new Claim("country_code", countryCode, ClaimValueTypes.String, context.Connection)); 
         context.Identity.AddClaim(new Claim("country_name", Country, ClaimValueTypes.String, context.Connection)); 
         context.Identity.AddClaim(new Claim("city_name", City, ClaimValueTypes.String, context.Connection)); 
         context.Identity.AddClaim(new Claim("longitude", Long, ClaimValueTypes.String, context.Connection)); 
         context.Identity.AddClaim(new Claim("latitude", Lat, ClaimValueTypes.String, context.Connection)); 
        } 
        JToken userMeta = context.User["https://example.com/user_metadata"]; 
        if (userMeta != null) 
        { 
         string companyName = userMeta["company"].ToObject<string>(); 
         context.Identity.AddClaim(new Claim("company", companyName, ClaimValueTypes.String, context.Connection)); 
         string fullName = userMeta["full_name"].ToObject<string>(); 
         context.Identity.AddClaim(new Claim("full_name", fullName, ClaimValueTypes.String, context.Connection)); 
        } 

        JToken rolesObject = context.User["https://example.com/app_metadata"]; 
        if (rolesObject != null) 
        { 
         string[] roles = rolesObject["roles"].ToObject<string[]>(); 
         foreach (var role in roles) 
         { 
          context.Identity.AddClaim(new Claim(ClaimTypes.Role, role, ClaimValueTypes.String, context.Connection)); 
         } 
        } 

        return Task.FromResult(0); 
       } 
      } 

     }; 
     options.Scope.Add("openid profile"); // Request a refresh_token 

我怎么会去关于在辅助应用程序上验证客户端？ Cookie可以在辅助应用程序上使用，但我仍然需要通过Auth0进行登录。我错过了什么吗？还是有一篇文章我可以阅读有关implimentation？

Answer 1

我通过复制在这两个应用相同startup.cs，并增加了machine key到根Web配置文件，在的System.Web标签解决了这个。

我的初始配置没有任何变化，我只是将域名更改为我的域名。