將驗證遷移 Identity 至 ASP.NET Core 2。0Migrate authentication and Identity to ASP.NET Core 2.0

Scott AddieHao KungBy Scott Addie and Hao Kung

ASP.NET Core 2.0 有新的驗證模型, Identity 可使用服務簡化設定。ASP.NET Core 2.0 has a new model for authentication and Identity that simplifies configuration by using services. 使用驗證的 ASP.NET Core 1.x 應用程式,或 Identity 可以更新為使用新的模型,如下所述。ASP.NET Core 1.x applications that use authentication or Identity can be updated to use the new model as outlined below.

更新命名空間Update namespaces

在1.x 中,在 IdentityRole IdentityUser 命名空間中找到類別,例如和 Microsoft.AspNetCore.Identity.EntityFrameworkCoreIn 1.x, classes such IdentityRole and IdentityUser were found in the Microsoft.AspNetCore.Identity.EntityFrameworkCore namespace.

在2.0 中, Microsoft.AspNetCore.Identity 命名空間變成了許多這類類別的新家庭。In 2.0, the Microsoft.AspNetCore.Identity namespace became the new home for several of such classes. 使用預設程式 Identity 代碼時,受影響的類別包括 ApplicationUserStartupWith the default Identity code, affected classes include ApplicationUser and Startup. 調整您 using 的語句,以解決受影響的參考。Adjust your using statements to resolve the affected references.

驗證中介軟體和服務Authentication Middleware and services

在1.x 專案中,驗證是透過中介軟體來設定。In 1.x projects, authentication is configured via middleware. 系統會針對您想要支援的每個驗證配置叫用中介軟體方法。A middleware method is invoked for each authentication scheme you want to support.

下列1.x 範例會 Identity 在 Startup.cs中設定 Facebook 驗證:The following 1.x example configures Facebook authentication with Identity in Startup.cs:

public void ConfigureServices(IServiceCollection services)
{
    services.AddIdentity<ApplicationUser, IdentityRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>();
}

public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
{
    app.UseIdentity();
    app.UseFacebookAuthentication(new FacebookOptions {
        AppId = Configuration["auth:facebook:appid"],
        AppSecret = Configuration["auth:facebook:appsecret"]
    });
}

在2.0 專案中,驗證是透過服務來設定。In 2.0 projects, authentication is configured via services. 每個驗證配置都是在 ConfigureServices Startup.cs方法中註冊。Each authentication scheme is registered in the ConfigureServices method of Startup.cs. UseIdentity方法會被取代為 UseAuthenticationThe UseIdentity method is replaced with UseAuthentication.

下列2.0 範例會 Identity 在 Startup.cs中設定 Facebook 驗證:The following 2.0 example configures Facebook authentication with Identity in Startup.cs:

public void ConfigureServices(IServiceCollection services)
{
    services.AddIdentity<ApplicationUser, IdentityRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>();

    // If you want to tweak Identity cookies, they're no longer part of IdentityOptions.
    services.ConfigureApplicationCookie(options => options.LoginPath = "/Account/LogIn");
    services.AddAuthentication()
            .AddFacebook(options =>
            {
                options.AppId = Configuration["auth:facebook:appid"];
                options.AppSecret = Configuration["auth:facebook:appsecret"];
            });
}

public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory) {
    app.UseAuthentication();
}

UseAuthentication方法會新增單一驗證中介軟體元件,負責自動驗證和處理遠端驗證要求。The UseAuthentication method adds a single authentication middleware component, which is responsible for automatic authentication and the handling of remote authentication requests. 它會將所有個別中介軟體元件取代為單一的一般中介軟體元件。It replaces all of the individual middleware components with a single, common middleware component.

以下是每個主要驗證配置的2.0 遷移指示。Below are 2.0 migration instructions for each major authentication scheme.

Cookie以驗證為基礎Cookie-based authentication

選取下列兩個選項的其中一個,並在 Startup.cs中進行必要的變更:Select one of the two options below, and make the necessary changes in Startup.cs:

  1. 使用 cookieIdentityUse cookies with Identity

    • UseIdentity UseAuthentication 方法中的取代 ConfigureReplace UseIdentity with UseAuthentication in the Configure method:

      app.UseAuthentication();
      
    • AddIdentity在方法中叫用方法 ConfigureServices ,以加入 cookie 驗證服務。Invoke the AddIdentity method in the ConfigureServices method to add the cookie authentication services.

    • (選擇性) ConfigureApplicationCookie ConfigureExternalCookie 在方法中叫用或方法 ConfigureServices 來調整 Identity cookie 設定。Optionally, invoke the ConfigureApplicationCookie or ConfigureExternalCookie method in the ConfigureServices method to tweak the Identity cookie settings.

      services.AddIdentity<ApplicationUser, IdentityRole>()
              .AddEntityFrameworkStores<ApplicationDbContext>()
              .AddDefaultTokenProviders();
      
      services.ConfigureApplicationCookie(options => options.LoginPath = "/Account/LogIn");
      
  2. 使用 cookie s (不含) IdentityUse cookies without Identity

    • UseCookieAuthentication Configure 以下列內容取代方法中的方法呼叫 UseAuthenticationReplace the UseCookieAuthentication method call in the Configure method with UseAuthentication:

      app.UseAuthentication();
      
    • AddAuthentication AddCookie 用方法中的和方法 ConfigureServicesInvoke the AddAuthentication and AddCookie methods in the ConfigureServices method:

      // If you don't want the cookie to be automatically authenticated and assigned to HttpContext.User,
      // remove the CookieAuthenticationDefaults.AuthenticationScheme parameter passed to AddAuthentication.
      services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
              .AddCookie(options =>
              {
                  options.LoginPath = "/Account/LogIn";
                  options.LogoutPath = "/Account/LogOff";
              });
      

JWT 持有人驗證JWT Bearer Authentication

Startup.cs中進行下列變更:Make the following changes in Startup.cs:

  • UseJwtBearerAuthentication Configure 以下列內容取代方法中的方法呼叫 UseAuthenticationReplace the UseJwtBearerAuthentication method call in the Configure method with UseAuthentication:

    app.UseAuthentication();
    
  • AddJwtBearer在方法中叫用方法 ConfigureServicesInvoke the AddJwtBearer method in the ConfigureServices method:

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.Audience = "http://localhost:5001/";
                options.Authority = "http://localhost:5000/";
            });
    

    此程式碼片段不會使用 Identity ,因此應該透過傳遞 JwtBearerDefaults.AuthenticationScheme 給方法來設定預設配置 AddAuthenticationThis code snippet doesn't use Identity, so the default scheme should be set by passing JwtBearerDefaults.AuthenticationScheme to the AddAuthentication method.

OpenID Connect (OIDC) 驗證OpenID Connect (OIDC) authentication

Startup.cs中進行下列變更:Make the following changes in Startup.cs:

  • UseOpenIdConnectAuthentication Configure 以下列內容取代方法中的方法呼叫 UseAuthenticationReplace the UseOpenIdConnectAuthentication method call in the Configure method with UseAuthentication:

    app.UseAuthentication();
    
  • AddOpenIdConnect在方法中叫用方法 ConfigureServicesInvoke the AddOpenIdConnect method in the ConfigureServices method:

    services.AddAuthentication(options =>
    {
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddCookie()
    .AddOpenIdConnect(options =>
    {
        options.Authority = Configuration["auth:oidc:authority"];
        options.ClientId = Configuration["auth:oidc:clientid"];
    });
    
  • PostLogoutRedirectUri OpenIdConnectOptions 以下列內容取代動作中的屬性 SignedOutRedirectUriReplace the PostLogoutRedirectUri property in the OpenIdConnectOptions action with SignedOutRedirectUri:

    .AddOpenIdConnect(options =>
    {
        options.SignedOutRedirectUri = "https://contoso.com";
    });
    

Facebook 驗證Facebook authentication

Startup.cs中進行下列變更:Make the following changes in Startup.cs:

  • UseFacebookAuthentication Configure 以下列內容取代方法中的方法呼叫 UseAuthenticationReplace the UseFacebookAuthentication method call in the Configure method with UseAuthentication:

    app.UseAuthentication();
    
  • AddFacebook在方法中叫用方法 ConfigureServicesInvoke the AddFacebook method in the ConfigureServices method:

    services.AddAuthentication()
            .AddFacebook(options =>
            {
                options.AppId = Configuration["auth:facebook:appid"];
                options.AppSecret = Configuration["auth:facebook:appsecret"];
            });
    

Google 驗證Google authentication

Startup.cs中進行下列變更:Make the following changes in Startup.cs:

  • UseGoogleAuthentication Configure 以下列內容取代方法中的方法呼叫 UseAuthenticationReplace the UseGoogleAuthentication method call in the Configure method with UseAuthentication:

    app.UseAuthentication();
    
  • AddGoogle在方法中叫用方法 ConfigureServicesInvoke the AddGoogle method in the ConfigureServices method:

    services.AddAuthentication()
            .AddGoogle(options =>
            {
                options.ClientId = Configuration["auth:google:clientid"];
                options.ClientSecret = Configuration["auth:google:clientsecret"];
            });
    

Microsoft 帳戶驗證Microsoft Account authentication

如需 Microsoft 帳戶驗證的詳細資訊,請參閱 此 GitHub 問題For more information on Microsoft account authentication, see this GitHub issue.

Startup.cs中進行下列變更:Make the following changes in Startup.cs:

  • UseMicrosoftAccountAuthentication Configure 以下列內容取代方法中的方法呼叫 UseAuthenticationReplace the UseMicrosoftAccountAuthentication method call in the Configure method with UseAuthentication:

    app.UseAuthentication();
    
  • AddMicrosoftAccount在方法中叫用方法 ConfigureServicesInvoke the AddMicrosoftAccount method in the ConfigureServices method:

    services.AddAuthentication()
            .AddMicrosoftAccount(options =>
            {
                options.ClientId = Configuration["auth:microsoft:clientid"];
                options.ClientSecret = Configuration["auth:microsoft:clientsecret"];
            });
    

Twitter 驗證Twitter authentication

Startup.cs中進行下列變更:Make the following changes in Startup.cs:

  • UseTwitterAuthentication Configure 以下列內容取代方法中的方法呼叫 UseAuthenticationReplace the UseTwitterAuthentication method call in the Configure method with UseAuthentication:

    app.UseAuthentication();
    
  • AddTwitter在方法中叫用方法 ConfigureServicesInvoke the AddTwitter method in the ConfigureServices method:

    services.AddAuthentication()
            .AddTwitter(options =>
            {
                options.ConsumerKey = Configuration["auth:twitter:consumerkey"];
                options.ConsumerSecret = Configuration["auth:twitter:consumersecret"];
            });
    

設定預設驗證配置Setting default authentication schemes

在1.x 中, AutomaticAuthenticate AutomaticChallenge AuthenticationOptions 基類的和屬性必須在單一驗證配置上進行設定。In 1.x, the AutomaticAuthenticate and AutomaticChallenge properties of the AuthenticationOptions base class were intended to be set on a single authentication scheme. 沒有足夠的方法可以強制執行此作業。There was no good way to enforce this.

在2.0 中,已將這兩個屬性移除為個別實例上的屬性 AuthenticationOptionsIn 2.0, these two properties have been removed as properties on the individual AuthenticationOptions instance. 您可以在 Startup.cs 方法中的方法呼叫中設定它們 AddAuthentication ConfigureServicesStartup.csThey can be configured in the AddAuthentication method call within the ConfigureServices method of Startup.cs:

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme);

在上述程式碼片段中,預設配置是設定為 CookieAuthenticationDefaults.AuthenticationScheme ( " Cookie s" ) 。In the preceding code snippet, the default scheme is set to CookieAuthenticationDefaults.AuthenticationScheme ("Cookies").

或者,您也可以使用方法的 AddAuthentication 多載版本來設定一個以上的屬性。Alternatively, use an overloaded version of the AddAuthentication method to set more than one property. 在下列多載的方法範例中,預設配置是設定為 CookieAuthenticationDefaults.AuthenticationSchemeIn the following overloaded method example, the default scheme is set to CookieAuthenticationDefaults.AuthenticationScheme. 您也可以在個別的 [Authorize] 屬性或授權原則中指定驗證配置。The authentication scheme may alternatively be specified within your individual [Authorize] attributes or authorization policies.

services.AddAuthentication(options =>
{
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
});

如果下列其中一個條件成立,請在2.0 中定義預設配置:Define a default scheme in 2.0 if one of the following conditions is true:

  • 您希望使用者自動登入You want the user to be automatically signed in
  • 您可以使用 [Authorize] 屬性或授權原則,而不需要指定配置You use the [Authorize] attribute or authorization policies without specifying schemes

這項規則的例外狀況是 AddIdentity 方法。An exception to this rule is the AddIdentity method. 這個方法 cookie 會為您新增,並將預設的驗證和挑戰配置設定為應用程式 cookie IdentityConstants.ApplicationSchemeThis method adds cookies for you and sets the default authenticate and challenge schemes to the application cookie IdentityConstants.ApplicationScheme. 此外,它也會將預設的登入配置設定為外部 cookie IdentityConstants.ExternalSchemeAdditionally, it sets the default sign-in scheme to the external cookie IdentityConstants.ExternalScheme.

使用 HttpCoNtext 驗證延伸模組Use HttpContext authentication extensions

IAuthenticationManager介面是 1. x 驗證系統的主要進入點。The IAuthenticationManager interface is the main entry point into the 1.x authentication system. 它已取代為命名空間中的一組新 HttpContext 擴充方法 Microsoft.AspNetCore.AuthenticationIt has been replaced with a new set of HttpContext extension methods in the Microsoft.AspNetCore.Authentication namespace.

例如,1.x 專案會參考 Authentication 屬性:For example, 1.x projects reference an Authentication property:

// Clear the existing external cookie to ensure a clean login process
await HttpContext.Authentication.SignOutAsync(_externalCookieScheme);

在2.0 專案中,匯入 Microsoft.AspNetCore.Authentication 命名空間,並刪除 Authentication 屬性參考:In 2.0 projects, import the Microsoft.AspNetCore.Authentication namespace, and delete the Authentication property references:

// Clear the existing external cookie to ensure a clean login process
await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);

Windows 驗證 ( # A0/IISIntegration) Windows Authentication (HTTP.sys / IISIntegration)

Windows 驗證的變化有兩種:There are two variations of Windows authentication:

  • 主機只允許已驗證的使用者。The host only allows authenticated users. 此差異不受2.0 變更影響。This variation isn't affected by the 2.0 changes.

  • 主機允許匿名和已驗證的使用者。The host allows both anonymous and authenticated users. 這種變化會受到2.0 變更所影響。This variation is affected by the 2.0 changes. 例如,應用程式應該允許 IISHTTP.sys 層的匿名使用者,但在控制器層級授權使用者。For example, the app should allow anonymous users at the IIS or HTTP.sys layer but authorize users at the controller level. 在此案例中,請設定方法中的預設配置 Startup.ConfigureServicesIn this scenario, set the default scheme in the Startup.ConfigureServices method.

    若為 AspNetCore,請將預設配置設定為 IISDefaults.AuthenticationSchemeFor Microsoft.AspNetCore.Server.IISIntegration, set the default scheme to IISDefaults.AuthenticationScheme:

    using Microsoft.AspNetCore.Server.IISIntegration;
    
    services.AddAuthentication(IISDefaults.AuthenticationScheme);
    

    若為 AspNetCore,請將預設配置設定為 HttpSysDefaults.AuthenticationSchemeFor Microsoft.AspNetCore.Server.HttpSys, set the default scheme to HttpSysDefaults.AuthenticationScheme:

    using Microsoft.AspNetCore.Server.HttpSys;
    
    services.AddAuthentication(HttpSysDefaults.AuthenticationScheme);
    

    無法設定預設配置,可防止授權 (挑戰) 要求使用下列例外狀況:Failure to set the default scheme prevents the authorize (challenge) request from working with the following exception:

    System.InvalidOperationException:未指定 authenticationScheme,而且找不到 DefaultChallengeScheme。System.InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.

如需詳細資訊,請參閱在 ASP.NET Core 中設定 Windows 驗證For more information, see 在 ASP.NET Core 中設定 Windows 驗證.

IdentityCookie選項實例IdentityCookieOptions instances

2.0 變更的副作用是切換為使用命名選項,而不是 cookie 選項實例。A side effect of the 2.0 changes is the switch to using named options instead of cookie options instances. 已移除自訂 Identity cookie 配置名稱的功能。The ability to customize the Identity cookie scheme names is removed.

例如,1.x 專案使用「函式 插入 」將參數傳遞至 IdentityCookieOptions AccountController.csManageController.csFor example, 1.x projects use constructor injection to pass an IdentityCookieOptions parameter into AccountController.cs and ManageController.cs. 您 cookie 可以從提供的實例存取外部驗證配置:The external cookie authentication scheme is accessed from the provided instance:

public AccountController(
    UserManager<ApplicationUser> userManager,
    SignInManager<ApplicationUser> signInManager,
    IOptions<IdentityCookieOptions> identityCookieOptions,
    IEmailSender emailSender,
    ISmsSender smsSender,
    ILoggerFactory loggerFactory)
{
    _userManager = userManager;
    _signInManager = signInManager;
    _externalCookieScheme = identityCookieOptions.Value.ExternalCookieAuthenticationScheme;
    _emailSender = emailSender;
    _smsSender = smsSender;
    _logger = loggerFactory.CreateLogger<AccountController>();
}

上述的函式插入在2.0 專案中變成不必要,而且 _externalCookieScheme 可以刪除欄位:The aforementioned constructor injection becomes unnecessary in 2.0 projects, and the _externalCookieScheme field can be deleted:

public AccountController(
    UserManager<ApplicationUser> userManager,
    SignInManager<ApplicationUser> signInManager,
    IEmailSender emailSender,
    ISmsSender smsSender,
    ILoggerFactory loggerFactory)
{
    _userManager = userManager;
    _signInManager = signInManager;
    _emailSender = emailSender;
    _smsSender = smsSender;
    _logger = loggerFactory.CreateLogger<AccountController>();
}

1.x 專案使用欄位,如下所示 _externalCookieScheme1.x projects used the _externalCookieScheme field as follows:

// Clear the existing external cookie to ensure a clean login process
await HttpContext.Authentication.SignOutAsync(_externalCookieScheme);

在2.0 專案中,以下列程式碼取代上述程式碼。In 2.0 projects, replace the preceding code with the following. IdentityConstants.ExternalScheme 可以直接使用常數。The IdentityConstants.ExternalScheme constant can be used directly.

// Clear the existing external cookie to ensure a clean login process
await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);

SignOutAsync 由匯入下列命名空間來解析新加入的呼叫:Resolve the newly added SignOutAsync call by importing the following namespace:

using Microsoft.AspNetCore.Authentication;

新增 Identity 使用者 POCO 導覽屬性Add IdentityUser POCO navigation properties

Entity Framework (EF) 基底 POCO 的核心導覽屬性, IdentityUser (一般舊的 CLR 物件) 已經被移除。The Entity Framework (EF) Core navigation properties of the base IdentityUser POCO (Plain Old CLR Object) have been removed. 如果您的1.x 專案使用這些屬性,請手動將其新增回2.0 專案:If your 1.x project used these properties, manually add them back to the 2.0 project:

/// <summary>
/// Navigation property for the roles this user belongs to.
/// </summary>
public virtual ICollection<IdentityUserRole<int>> Roles { get; } = new List<IdentityUserRole<int>>();

/// <summary>
/// Navigation property for the claims this user possesses.
/// </summary>
public virtual ICollection<IdentityUserClaim<int>> Claims { get; } = new List<IdentityUserClaim<int>>();

/// <summary>
/// Navigation property for this users login accounts.
/// </summary>
public virtual ICollection<IdentityUserLogin<int>> Logins { get; } = new List<IdentityUserLogin<int>>();

若要在執行 EF Core 遷移時避免重複的外鍵,請在 IdentityDbContext 呼叫) 之後,將下列內容新增至類別的 OnModelCreating 方法 (base.OnModelCreating();To prevent duplicate foreign keys when running EF Core Migrations, add the following to your IdentityDbContext class' OnModelCreating method (after the base.OnModelCreating(); call):

protected override void OnModelCreating(ModelBuilder builder)
{
    base.OnModelCreating(builder);
    // Customize the ASP.NET Core Identity model and override the defaults if needed.
    // For example, you can rename the ASP.NET Core Identity table names and more.
    // Add your customizations after calling base.OnModelCreating(builder);

    builder.Entity<ApplicationUser>()
        .HasMany(e => e.Claims)
        .WithOne()
        .HasForeignKey(e => e.UserId)
        .IsRequired()
        .OnDelete(DeleteBehavior.Cascade);

    builder.Entity<ApplicationUser>()
        .HasMany(e => e.Logins)
        .WithOne()
        .HasForeignKey(e => e.UserId)
        .IsRequired()
        .OnDelete(DeleteBehavior.Cascade);

    builder.Entity<ApplicationUser>()
        .HasMany(e => e.Roles)
        .WithOne()
        .HasForeignKey(e => e.UserId)
        .IsRequired()
        .OnDelete(DeleteBehavior.Cascade);
}

取代 GetExternalAuthenticationSchemesReplace GetExternalAuthenticationSchemes

同步方法 GetExternalAuthenticationSchemes 已移除,以取代非同步版本。The synchronous method GetExternalAuthenticationSchemes was removed in favor of an asynchronous version. 1.x 專案在 控制器/ManageController中有下列程式碼:1.x projects have the following code in Controllers/ManageController.cs:

var otherLogins = _signInManager.GetExternalAuthenticationSchemes().Where(auth => userLogins.All(ul => auth.AuthenticationScheme != ul.LoginProvider)).ToList();

這個方法會出現在 Views/Account/Login 中。 cshtml 也會出現:This method appears in Views/Account/Login.cshtml too:

@{
    var loginProviders = SignInManager.GetExternalAuthenticationSchemes().ToList();
    if (loginProviders.Count == 0)
    {
        <div>
            <p>
                There are no external authentication services configured. See <a href="https://go.microsoft.com/fwlink/?LinkID=532715">this article</a>
                for details on setting up this ASP.NET application to support logging in via external services.
            </p>
        </div>
    }
    else
    {
        <form asp-controller="Account" asp-action="ExternalLogin" asp-route-returnurl="@ViewData["ReturnUrl"]" method="post" class="form-horizontal">
            <div>
                <p>
                    @foreach (var provider in loginProviders)
                    {
                        <button type="submit" class="btn btn-default" name="provider" value="@provider.AuthenticationScheme" title="Log in using your @provider.DisplayName account">@provider.AuthenticationScheme</button>
                    }
                </p>
            </div>
        </form>
    }
}

在2.0 專案中,請使用 GetExternalAuthenticationSchemesAsync 方法。In 2.0 projects, use the GetExternalAuthenticationSchemesAsync method. ManageController.cs中的變更類似于下列程式碼:The change in ManageController.cs resembles the following code:

var schemes = await _signInManager.GetExternalAuthenticationSchemesAsync();
var otherLogins = schemes.Where(auth => userLogins.All(ul => auth.Name != ul.LoginProvider)).ToList();

Login中,在 AuthenticationScheme 迴圈中存取的屬性會 foreach 變更為 NameIn Login.cshtml, the AuthenticationScheme property accessed in the foreach loop changes to Name:

@{
    var loginProviders = (await SignInManager.GetExternalAuthenticationSchemesAsync()).ToList();
    if (loginProviders.Count == 0)
    {
        <div>
            <p>
                There are no external authentication services configured. See <a href="https://go.microsoft.com/fwlink/?LinkID=532715">this article</a>
                for details on setting up this ASP.NET application to support logging in via external services.
            </p>
        </div>
    }
    else
    {
        <form asp-controller="Account" asp-action="ExternalLogin" asp-route-returnurl="@ViewData["ReturnUrl"]" method="post" class="form-horizontal">
            <div>
                <p>
                    @foreach (var provider in loginProviders)
                    {
                        <button type="submit" class="btn btn-default" name="provider" value="@provider.Name" title="Log in using your @provider.DisplayName account">@provider.DisplayName</button>
                    }
                </p>
            </div>
        </form>
    }
}

ManageLoginsViewModel 屬性變更ManageLoginsViewModel property change

ManageLoginsViewModelManageController.cs 的動作中會使用物件 ManageLoginsManageController.csA ManageLoginsViewModel object is used in the ManageLogins action of ManageController.cs. 在1.x 專案中,物件的屬性傳回 OtherLogins 型別為 IList<AuthenticationDescription>In 1.x projects, the object's OtherLogins property return type is IList<AuthenticationDescription>. 此傳回類型需要匯入 Microsoft.AspNetCore.Http.AuthenticationThis return type requires an import of Microsoft.AspNetCore.Http.Authentication:

using System.Collections.Generic;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.AspNetCore.Identity;

namespace AspNetCoreDotNetCore1App.Models.ManageViewModels
{
    public class ManageLoginsViewModel
    {
        public IList<UserLoginInfo> CurrentLogins { get; set; }

        public IList<AuthenticationDescription> OtherLogins { get; set; }
    }
}

在2.0 專案中,傳回型別會變更為 IList<AuthenticationScheme>In 2.0 projects, the return type changes to IList<AuthenticationScheme>. 這個新的傳回型別需要以匯入來取代匯 Microsoft.AspNetCore.Http.AuthenticationMicrosoft.AspNetCore.AuthenticationThis new return type requires replacing the Microsoft.AspNetCore.Http.Authentication import with a Microsoft.AspNetCore.Authentication import.

using System.Collections.Generic;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Identity;

namespace AspNetCoreDotNetCore2App.Models.ManageViewModels
{
    public class ManageLoginsViewModel
    {
        public IList<UserLoginInfo> CurrentLogins { get; set; }

        public IList<AuthenticationScheme> OtherLogins { get; set; }
    }
}

其他資源Additional resources

如需詳細資訊,請參閱 GitHub 上的 驗證2.0 問題討論For more information, see the Discussion for Auth 2.0 issue on GitHub.