个人中心
gpt4 book ai didi

c# - Identityserver 隐式流 unauthorized_client

转载 作者:太空狗 更新时间:2023-10-29 18:13:05 29 4
gpt4 key购买 nike

我似乎无法理解为什么我会从 IdentityServer 获得 unauthorized_client。我将 oidc-client 与 Angular 4 ui 和 Web API 的 asp.net 核心一起使用。我无法连接到身份服务器,因为每次它返回时我的客户端都是 unauthorized_client

这是注册客户端:

new Client
{
    ClientId = "EStudent",
    ClientName = "EStudent",
    AllowedGrantTypes = GrantTypes.Implicit,
    RequireClientSecret = false,
    AllowAccessTokensViaBrowser = true,
    AllowedCorsOrigins = { "http://localhost:63150" },
    LogoutSessionRequired = false,
    RequireConsent = false,
    AllowedScopes = new List<string>
    {
        IdentityServerConstants.StandardScopes.OpenId,
        IdentityServerConstants.StandardScopes.Profile,
        "UsersAPI",
    },
    AlwaysIncludeUserClaimsInIdToken = true,
    RedirectUris = {
        "http://localhost:63150/oauth.html"
    },
    PostLogoutRedirectUris = {
        "http://localhost:63150/",
        $"{this._baseAddress}/index.html"
    },
    AllowOfflineAccess = true,
}

这是 Angular 中的授权服务:

import { Injectable, EventEmitter } from '@angular/core';
import { Http, Headers, RequestOptions, Response } from '@angular/http';
import { Observable } from 'rxjs/Rx';
    
import { UserManager, User } from 'oidc-client';
import { environment } from '../../../environments/environment';

const settings: any = {
    authority: 'http://localhost:8200/oauth',
    client_id: 'EStudent',
    redirect_uri: 'http://localhost:63150/auth.html',
    post_logout_redirect_uri: 'http://localhost:63150/index.html',
    response_type: 'id_token token',
    scope: 'openid profile UsersAPI',
    
    silent_redirect_uri: 'http://localhost:63150/silent-renew.html',
    automaticSilentRenew: true,
    accessTokenExpiringNotificationTime: 4,
    // silentRequestTimeout:10000,
    
    filterProtocolClaims: true,
    loadUserInfo: true
};
  
@Injectable()
export class AuthService {
    mgr: UserManager = new UserManager(settings);
    userLoadededEvent: EventEmitter<User> = new EventEmitter<User>();
    currentUser: User;
    loggedIn = false;
    authHeaders: Headers;
    
    constructor(private http: Http) {
        this.mgr.getUser().then((user) => {
            if (user) {
                this.loggedIn = true;
                this.currentUser = user;
                this.userLoadededEvent.emit(user);
            } else {
                this.loggedIn = false;
            }
        }).catch((err) => {
            this.loggedIn = false;
        });
    
        this.mgr.events.addUserLoaded((user) => {
            this.currentUser = user;
            this.loggedIn = !(user === undefined);
            if (!environment.production) {
                console.log('authService addUserLoaded', user);
            }
        });
    
        this.mgr.events.addUserUnloaded((e) => {
            if (!environment.production) {
              console.log('user unloaded');
            }
            this.loggedIn = false;
        });
    }
}

最后我像这样调用 identityserver:

constructor(public oidcSecurityService: AuthService) { }
    
ngOnInit() {
    this.oidcSecurityService.mgr.signinRedirect();
}

发送的请求如下所示:

http://localhost:8200/oauth/connect/authorize?client_id=EStudent&redirect_uri=http%3A%2F%2Flocalhost%3A63150%2Fauth.html&response_type=id_token%20token&scope=openid%20profile%20UsersAPI&state=91ea5de6886a49a997704bbdb4beda0c&nonce=295e6bf737274ea18ee2f575c93d150b

最佳答案

您的 IdentityServer Client 有一个 redirectUri 与请求中使用的不匹配:

http://localhost:63150/oauth.html

在请求中,您使用以下内容,它缺少 oauth 中的 o:

http://localhost:63150/auth.html

关于c# - Identityserver 隐式流 unauthorized_client,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46537043/

29 4 0
文章推荐: Python:将打印引号、破折号等替换为对应的 ascii 字符
文章推荐: c# - 从 URLS 在 .net Core 中创建 zip,无需在服务器上下载
文章推荐: python - 在 Windows 10 上导入 win32api 时出现 DLL 错误
文章推荐: c# - System.IO.FileNotFoundException 与 SqlClient
太空狗
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com