gpt4 book ai didi

aurelia - 使用 Aurelia-Auth 从 IdentityServer 获取 JWT 的配置

转载 作者:行者123 更新时间:2023-12-02 03:21:57 28 4
gpt4 key购买 nike

我无法从 IdentityServer3 获取 JWT。我将 aurelia 与 aurelia-auth 一起使用。

我从 IdentityServer 得到的错误是 “客户端应用程序未知或未经授权。”

想知道我在配置中缺少什么吗?配置如下

//Server Clients
public static class Clients
{
public static IEnumerable<Client> Get()
{
return new List<Client> {
new Client {
ClientName = "AureliaApplication",
Enabled = true,
ClientId = "aureliaClient",
AllowAccessToAllScopes = true,
Flow = Flows.ResourceOwner,
AccessTokenType = AccessTokenType.Jwt,
AccessTokenLifetime = 3600
}
};
}
}

//Aurelia-Auth Provider Config
var config = {
providers: {
IdentityServerV3: {
name:'IdentityServerV3',
url: '/auth/IdentityServerV3',
authorizationEndpoint: 'https://localhost:44300/core/connect/authorize',
redirectUri: window.location.origin || window.location.protocol + '//' + window.location.host,
scope: ['openid'],
scopePrefix: 'openid',
scopeDelimiter: '&',
display: 'popup',
type: '2.0',
clientId: 'aureliaClient',
popupOptions: { width: 1020, height: 618 }
}
}
}

export default config;

最佳答案

需要在IdentityServer中配置客户端的作用域

new Client
{
ClientId = "Aurelia Client",
ClientName = "aureliaClient",
ClientSecrets = new List<Secret> {
new Secret(Constants.IdentitySecret.Sha256())
},
Flow = Flows.Hybrid,
RequireConsent = true,
AllowRememberConsent = true,
RedirectUris = new List<string> {
"http://localhost:9000"
},
PostLogoutRedirectUris = new List<string> {
"http://localhost:9000"
},
AllowedScopes = new List<string> {
Constants.StandardScopes.OpenId,
Constants.StandardScopes.Profile,
Constants.StandardScopes.Roles,
"apiAccess"
}
}

Aurelia 配置必须更正不同 IdentityServer 端点的 url。这些端点通常可以在服务器的 openid-configuration 中找到(在本例中为:https://localhost:44301/core/.well-known/openid-configuration)。与 IdentityServer 中客户端配置中定义的范围相同

var config = {
baseUrl : 'https://localhost:44301/core',
tokenName : 'id_token',
profileUrl: '/connect/userinfo',
unlinkUrl : '/connect/endsession',
logoutRedirect: '/',
loginRedirect : '#/',

providers : {
identSrv : {
name: 'identSrv',
url: '/connect/token',
authorizationEndpoint: 'https://localhost:44301/core/connect/authorize/',
redirectUri: window.location.origin || window.location.protocol + '//' + window.location.host,
scope: ['profile', 'apiAccess','openid', 'roles'],
responseType :'code id_token token',
scopePrefix: '',
scopeDelimiter: ' ',
requiredUrlParams: ['scope', 'nonce'],
optionalUrlParams: ['display'],
state: 'session_state',
display: 'popup',
type: '2.0',
clientId: 'jsClient',
flow: 'hybrid',
nonce : function(){
var val = ((Date.now() + Math.random()) * Math.random()).toString().replace(".", "");
return encodeURIComponent(val);
},
popupOptions: { width: 452, height: 633 }
}
}

Scott 实际上找到了解决方案(我只是用它来回答)你可以在他的 github 上找到一个例子 https://github.com/devscott/identityServer3Example

关于aurelia - 使用 Aurelia-Auth 从 IdentityServer 获取 JWT 的配置,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32725233/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com