Identity Server 3 Token Request from POSTMAN Http Tool

Using POSTMAN, I'm struggling to get my Identity Server 3 token back.

The error code is: 400 Bad Request

Details follow:

POST /identity/connect/token HTTP/1.1
Host: localhost:44358
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Postman-Token: 57fc7aef-0006-81b2-8bf8-8d46b77d21d1

username=MYUSER-ID&password=MY-PASSWORD&grant_type=password&client_id=rzrwebguiangulajsclient&client_secret=myclientsecret&redirect_uri= https://localhost:44331/callback

I've done something similar with a simple Visual Studio 2015 WebApi project, where the endpoint is \token.

Any guidance/advice is appreciated...

Regards, Bob

The minimum for a resource owner OAuth request is as follows (line breaks added for readability):

POST /connect/token

Headers

Content-Type: application/x-www-form-urlencoded

Body

username=MYUSER-ID
&password=MY-PASSWORD
&grant_type=password
&client_id=rzrwebguiangulajsclient
&client_secret=myclientsecret
&scope=api

Right off the bat, you are not requesting a scope in your request. Otherwise, the configuration of your client in Identity Server is most likely at fault.

Your best bet is to enable logging and look at what is returned when this request errors.

Update: also, please don't use the ROPC grant type.
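As an added illustration (not code from the post or from IdentityServer3), the following Python helper builds the form body for the two grants discussed above, refuses to send a request that is missing a required parameter such as scope, and maps the standard RFC 6749 error codes a 400 response carries to their usual cause. The token URL, client id and secret in the example are placeholders.

```python
import json
from urllib.parse import urlencode
from urllib.request import Request, urlopen
from urllib.error import HTTPError

# Parameters each grant needs at the token endpoint (RFC 6749 and the minimal
# request above). Note that redirect_uri is not part of either grant.
REQUIRED = {
    "password": ("username", "password", "client_id", "client_secret", "scope"),
    "client_credentials": ("client_id", "client_secret", "scope"),
}

# Standard error codes from RFC 6749 section 5.2 and what they usually mean.
HINTS = {
    "invalid_client": "client_id/client_secret wrong, or client not registered",
    "invalid_scope": "scope missing, or client not allowed to request it",
    "unsupported_grant_type": "grant not enabled for this client (check Flow)",
    "invalid_grant": "bad username/password, or grant not usable by this client",
    "invalid_request": "malformed body; check Content-Type and parameter names",
}

def build_token_body(grant_type, **params):
    """Return the form-encoded body, or raise if a required field is missing."""
    missing = [p for p in REQUIRED[grant_type] if not params.get(p)]
    if missing:
        raise ValueError(f"{grant_type} grant is missing: {', '.join(missing)}")
    params["grant_type"] = grant_type
    return urlencode(params)

def diagnose(status, body):
    """Turn an error response from the token endpoint into a readable hint."""
    try:
        err = json.loads(body).get("error", "")
    except ValueError:
        return f"HTTP {status}: non-JSON body: {body[:80]}"
    return f"HTTP {status} {err}: {HINTS.get(err, 'see the Identity Server log')}"

def request_token(token_url, body):
    """POST the body to the token endpoint; return (status, response text)."""
    req = Request(token_url, data=body.encode(), method="POST",
                  headers={"Content-Type": "application/x-www-form-urlencoded"})
    try:
        with urlopen(req) as resp:
            return resp.status, resp.read().decode()
    except HTTPError as e:  # 400 responses still carry the JSON error body
        return e.code, e.read().decode()

if __name__ == "__main__":
    # Placeholder values; point TOKEN_URL at your own Identity Server.
    TOKEN_URL = "https://localhost:44358/identity/connect/token"
    body = build_token_body("client_credentials", client_id="postmantestclient",
                            client_secret="PLACEHOLDER_SECRET", scope="api")
    status, text = request_token(TOKEN_URL, body)
    print(text if status == 200 else diagnose(status, text))
```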

I'm happy to say we got Postman working.

It turns out I was very close to getting Postman authorized with Identity Server 3.

The last piece of the solution was to set the Postman client's Flow to Flow = Flows.ClientCredentials (see the postmantestclient client definition below):

using System.Collections.Generic;
using IdentityServer3.Core.Models;

namespace MyWebApi.MyIdentityServer.Config
{
    public static class Clients
    {
        public static IEnumerable<Client> Get()
        {
            return new[]
            {
                new Client
                {
                    ClientId = MyConstants.MyIdentityServer.MyWebGuiClientId,
                    ClientName = "My Web Gui Client",
                    Flow = Flows.Implicit,
                    AllowAccessToAllScopes = true,

                    IdentityTokenLifetime = 300,
                    AccessTokenLifetime = 300,  // 5 minutes
                    RequireConsent = false,

                    // redirect = URI of the Angular application
                    RedirectUris = new List<string>
                    {
                        MyConstants.MyIdentityServer.MyWebGuiUri + "callback.html",

                        // for silent refresh
                        MyConstants.MyIdentityServer.MyWebGuiUri + "silentrefreshframe.html"
                    },
                    PostLogoutRedirectUris = new List<string>()
                    {
                        MyConstants.MyIdentityServer.MyWebGuiUri + "index.html"
                    }
                },
                new Client
                {
                    ClientId = MyConstants.MyIdentityServer.SwaggerClientId,
                    ClientName = "Swagger Client",
                    Flow = Flows.Implicit,
                    AllowAccessToAllScopes = true,

                    IdentityTokenLifetime = 300,
                    AccessTokenLifetime = 300,
                    RequireConsent = false,

                    // redirect = URI of the Swagger UI
                    RedirectUris = new List<string>
                    {
                        "https://localhost:44358/swagger/ui/o2c-html"
                    }
                },
                new Client
                {
                    // Postman client: client credentials grant, secret stored hashed
                    ClientId = "postmantestclient",
                    ClientName = "Postman http test client",
                    Flow = Flows.ClientCredentials,
                    AllowAccessToAllScopes = true,

                    IdentityTokenLifetime = 300,
                    AccessTokenLifetime = 300,  // 5 minutes
                    RequireConsent = false,

                    ClientSecrets = new List<Secret>
                    {
                        new Secret("PostmanSecret".Sha256())
                    },

                    RedirectUris = new List<string>()
                    {
                        "https://www.getpostman.com/oauth2/callback"
                    }
                }
            };
        }
    }
}