まとめ
基本的な.NET Coreを公開しようとしていますReactアプリはIdentityServerでエラーを受信しています。これはdotnet new react --auth Individual、.Net Core 3.0 Preview5を使用しており、手順 ここ および ここ 。
TLS/SSL設定を介してPFXをアップロードしました。また、証明書が私の開発環境で機能することを確認し、GetMyX509Certificate
が証明書を返すことを確認しました。
問題の原因となっているコードは、app.UseIdentityServer()の実行時にStartup.csのConfigureにあるようです。
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
//...
Log.Information("Configure - running app.Use: Authentication, IdentityServer");
Log.Information("Configure - running app.Use: Authentication");
app.UseAuthentication();
Log.Information("Configure - running app.Use: IdentityServer");
app.UseIdentityServer();
//CODE DOESN'T MAKE IT HERE!!!
Log.Information("Configure - running app.UseMvc");
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller}/{action=Index}/{id?}");
});
Log.Information("Configure - running app.UseSpa");
app.UseSpa(spa =>
{
spa.Options.SourcePath = "ClientApp";
if (env.IsDevelopment())
{
spa.UseReactDevelopmentServer(npmScript: "start");
}
});
Log.Information("Configure - Done!");
}
エラー
ASPNETCORE_DETAILEDERRORS = true
をアクティブにすると、次のエラーが発生します。
InvalidOperationException: Key type not specified
Microsoft.AspNetCore.ApiAuthorization.IdentityServer.ConfigureSigningCredentials.LoadKey()
Microsoft.AspNetCore.ApiAuthorization.IdentityServer.ConfigureSigningCredentials.Configure(ApiAuthorizationOptions options)
Microsoft.Extensions.Options.OptionsFactory<TOptions>.Create(string name)
Microsoft.Extensions.Options.OptionsManager<TOptions>+<>c__DisplayClass5_0.<Get>b__0()
System.Lazy<T>.ViaFactory(LazyThreadSafetyMode mode)
System.Lazy<T>.ExecutionAndPublication(LazyHelper executionAndPublication, bool useDefaultConstructor)
System.Lazy<T>.CreateValue()
System.Lazy<T>.get_Value()
Microsoft.Extensions.Options.OptionsCache<TOptions>.GetOrAdd(string name, Func<TOptions> createOptions)
Microsoft.Extensions.Options.OptionsManager<TOptions>.Get(string name)
Microsoft.Extensions.Options.OptionsManager<TOptions>.get_Value()
Microsoft.Extensions.DependencyInjection.IdentityServerBuilderConfigurationExtensions+<>c.<AddClients>b__7_1(IServiceProvider sp)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitFactory(FactoryCallSite factoryCallSite, RuntimeResolverContext context)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor<TArgument, TResult>.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitCache(ServiceCallSite callSite, RuntimeResolverContext context, ServiceProviderEngineScope serviceProviderEngine, RuntimeResolverLock lockType)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitRootCache(ServiceCallSite singletonCallSite, RuntimeResolverContext context)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor<TArgument, TResult>.VisitCallSite(ServiceCallSite callSite, TArgument argument)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitConstructor(ConstructorCallSite constructorCallSite, RuntimeResolverContext context)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor<TArgument, TResult>.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitDisposeCache(ServiceCallSite transientCallSite, RuntimeResolverContext context)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor<TArgument, TResult>.VisitCallSite(ServiceCallSite callSite, TArgument argument)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitConstructor(ConstructorCallSite constructorCallSite, RuntimeResolverContext context)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor<TArgument, TResult>.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitDisposeCache(ServiceCallSite transientCallSite, RuntimeResolverContext context)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor<TArgument, TResult>.VisitCallSite(ServiceCallSite callSite, TArgument argument)
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.Resolve(ServiceCallSite callSite, ServiceProviderEngineScope scope)
Microsoft.Extensions.DependencyInjection.ServiceLookup.DynamicServiceProviderEngine+<>c__DisplayClass1_0.<RealizeService>b__0(ServiceProviderEngineScope scope)
Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngine.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope)
Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngineScope.GetService(Type serviceType)
Microsoft.AspNetCore.Builder.IdentityServerApplicationBuilderExtensions.TestService(IServiceProvider serviceProvider, Type service, ILogger logger, string message, bool doThrow)
Microsoft.AspNetCore.Builder.IdentityServerApplicationBuilderExtensions.Validate(IApplicationBuilder app)
Microsoft.AspNetCore.Builder.IdentityServerApplicationBuilderExtensions.UseIdentityServer(IApplicationBuilder app)
ReactWithAuth.Startup.Configure(IApplicationBuilder app, IWebHostEnvironment env) in Startup.cs
System.RuntimeMethodHandle.InvokeMethod(object target, object[] arguments, Signature sig, bool constructor, bool wrapExceptions)
System.Reflection.RuntimeMethodInfo.Invoke(object obj, BindingFlags invokeAttr, Binder binder, object[] parameters, CultureInfo culture)
Microsoft.AspNetCore.Hosting.Internal.ConfigureBuilder.Invoke(object instance, IApplicationBuilder builder)
Microsoft.AspNetCore.Hosting.Internal.ConfigureBuilder+<>c__DisplayClass4_0.<Build>b__0(IApplicationBuilder builder)
Microsoft.AspNetCore.Hosting.Internal.ConventionBasedStartup.Configure(IApplicationBuilder app)
Microsoft.AspNetCore.Mvc.Filters.MiddlewareFilterBuilderStartupFilter+<>c__DisplayClass0_0.<Configure>g__MiddlewareFilterBuilder|0(IApplicationBuilder builder)
Microsoft.AspNetCore.Server.IIS.Core.IISServerSetupFilter+<>c__DisplayClass2_0.<Configure>b__0(IApplicationBuilder app)
Microsoft.AspNetCore.HostFilteringStartupFilter+<>c__DisplayClass0_0.<Configure>b__0(IApplicationBuilder app)
Microsoft.AspNetCore.Hosting.Internal.WebHost.BuildApplication()
Microsoft.Extensions.DependencyInjection.IdentityServerBuilderExtensionsCrypto.AddSigningCredential(IIdentityServerBuilder builder, X509Certificate2 certificate)
Projects.Startup.ConfigureServices(IServiceCollection services) in Startup.cs
System.RuntimeMethodHandle.InvokeMethod(object target, object[] arguments, Signature sig, bool constructor, bool wrapExceptions)
System.Reflection.RuntimeMethodInfo.Invoke(object obj, BindingFlags invokeAttr, Binder binder, object[] parameters, CultureInfo culture)
Microsoft.AspNetCore.Hosting.Internal.ConfigureServicesBuilder.InvokeCore(object instance, IServiceCollection services)
Microsoft.AspNetCore.Hosting.Internal.ConfigureServicesBuilder+<>c__DisplayClass9_0.<Invoke>g__Startup|0(IServiceCollection serviceCollection)
Microsoft.AspNetCore.Hosting.Internal.StartupLoader+ConfigureServicesDelegateBuilder<TContainerBuilder>+<>c__DisplayClass15_0.<BuildStartupServicesFilterPipeline>g__RunPipeline|0(IServiceCollection services)
Microsoft.AspNetCore.Hosting.Internal.ConfigureServicesBuilder.Invoke(object instance, IServiceCollection services)
Microsoft.AspNetCore.Hosting.Internal.ConfigureServicesBuilder+<>c__DisplayClass8_0.<Build>b__0(IServiceCollection services)
Microsoft.AspNetCore.Hosting.Internal.StartupLoader+ConfigureServicesDelegateBuilder<TContainerBuilder>+<>c__DisplayClass14_0.<ConfigureServices>g__ConfigureServicesWithContainerConfiguration|0(IServiceCollection services)
Microsoft.AspNetCore.Hosting.Internal.ConventionBasedStartup.ConfigureServices(IServiceCollection services)
Microsoft.AspNetCore.Hosting.Internal.WebHost.EnsureApplicationServices()
Microsoft.AspNetCore.Hosting.Internal.WebHost.Initialize()
Microsoft.AspNetCore.Hosting.Internal.WebHost.BuildApplication()
私が試したもの
解決策はそれほど多くありません。 IdentityServer4は Grant Types に関してタイプについてのみ話しますが、これはその前にあるようです。
上記のコードから、以下のコード行がnull引数の例外を引き起こしていると想定しています。
.AddSigningCredential(cert);
**cert**
がnullであるため、メソッドGetMyX509Certificate
try
{
System.Diagnostics.Trace.TraceInformation($"HELLO! TRYING TO GET THE CERTIFICATE");
return new X509Certificate2(File.ReadAllBytes(pfxFilePath), password, sFlags);
}
catch (PlatformNotSupportedException ex)
{
System.Diagnostics.Trace.TraceError($"HELLO! {ex.Message}");
if(sFlags.HasFlag(X509KeyStorageFlags.EphemeralKeySet))
{
return GetMyX509Certificate(pfxFilePath,password,X509KeyStorageFlags.MachineKeySet);
} else
{
return null;
}
}
catch (Exception ex)
{
System.Diagnostics.Trace.TraceError($"HELLO! {ex.Message}");
return null;
}
あなたのコードは**PlatformNotSupportedException**
タイプの例外をスローしていないので、それは確実にジェネリック例外をスローし、これは後で最後の行でキャッチされます
catch (Exception ex)
{
System.Diagnostics.Trace.TraceError($"HELLO! {ex.Message}");
return null;
}
ここからnullが返され、内部的に実際のエラーが発生します。
なぜKUDUを使用できないのかわかりませんが、もしそうなら、いくつかのロギングライブラリを使用して情報ロギングを有効にすることをお勧めします。カスタムテレメトリを使用したファイルシステムロギングまたはアプリケーションの問題。
それが役に立てば幸い。