gpt4 book ai didi

c# - 在 asp.net core 中使用 JavaScript Client 在 Identity Server 4 中获取范围验证错误

转载 作者:IT王子 更新时间:2023-10-29 04:52:09 27 4
gpt4 key购买 nike

我在从我的 Javascript 客户端应用程序向我的 Identity Server 应用程序发出请求时收到以下错误。

失败:IdentityServer4.Validation.ScopeValidator[0]无效范围:openid

我已确保在我的 Identity Server 应用程序中添加范围。下面是我的代码。

IdentityServer 应用程序(主机)Config.cs

  public class Config
{
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api1","My API")
};
}

public static IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientId = "js",
ClientName = "javaScript Client",
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
RedirectUris = { "http://localhost:5003/callback.html" },
PostLogoutRedirectUris = { "http://localhost:5003/index.html" },
AllowedCorsOrigins = { "http://localhost:5003" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"api1"
}
}
};
}
}

Startup.cs

  public class Startup
{
// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=398940
public void ConfigureServices(IServiceCollection services)
{

services.AddIdentityServer()
.AddTemporarySigningCredential()
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients());
}

// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole();

if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseIdentityServer();
}

app.Run(async (context) =>
{
await context.Response.WriteAsync("Hello World!");
});
}
}

Web API Startup.cs

 public class Startup
{
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true);

if (env.IsEnvironment("Development"))
{
// This will push telemetry data through Application Insights pipeline faster, allowing you to view results immediately.
builder.AddApplicationInsightsSettings(developerMode: true);
}

builder.AddEnvironmentVariables();
Configuration = builder.Build();
}

public IConfigurationRoot Configuration { get; }

// This method gets called by the runtime. Use this method to add services to the container
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);

services.AddCors(option =>
{
option.AddPolicy("dafault", policy =>
{
policy.WithOrigins("http://localhost:5003")
.AllowAnyHeader()
.AllowAnyMethod();
});
});
services.AddMvcCore()
.AddAuthorization()
.AddJsonFormatters();
}

// This method gets called by the runtime. Use this method to configure the HTTP request pipeline
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();

//this uses the policy called "default"
app.UseCors("default");

app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
Authority = "http://localhost:5000",
AllowedScopes = { "api1" },
RequireHttpsMetadata = false
});

app.UseApplicationInsightsRequestTelemetry();

app.UseApplicationInsightsExceptionTelemetry();

app.UseMvc();
}
}

最佳答案

虽然您的客户端(应用程序)已配置或允许请求 openid 资源(或范围),但您的身份服务器未针对 openid 身份资源进行配置

您需要将其添加为身份资源,类似于其完成方式 here并有一个方法可以返回您想要使用的所有身份资源,就像它完成了一样 here .

简而言之,向您的 Config.cs 添加一个新方法,如下所示:

public static List<IdentityResource> GetIdentityResources()
{
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Profile() // <-- usefull
};
}

然后向您的身份服务器服务容器添加您的身份资源配置,如下所示:

 services.AddIdentityServer()
.AddTemporarySigningCredential()
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients())
.AddInMemoryIdentityResources(Config.GetIdentityResources()); // <-- adding identity resources/scopes

关于c# - 在 asp.net core 中使用 JavaScript Client 在 Identity Server 4 中获取范围验证错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41010015/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com