带有 ServiceStack 和 MVC 客户端的 IdentityServer3
IdentityServer3 with ServiceStack and MVC Client
我是 IdentityServer3 的新手,刚刚开始设置它。它似乎进展顺利,我一直在为 MVC 应用程序开发混合流程,类似于 Kevin Dockx 的 Pluralsight 课程 (http://www.pluralsight.com/courses/building-securing-restful-api-aspdotnet)
当我尝试使用 MVC 错误配置 IdentityServer 时弹出 - Microsoft.IdentityModel.Protocols.OpenIdConnectProtocolException: invalid_request
ID 服务器:
new Client
{
Enabled = true,
ClientName = "MVC Client (Hybrid Flow)",
ClientId = "mvc",
Flow = Flows.Hybrid,
RequireConsent = true,
RedirectUris = new List<string>
{"https://localhost:44358/"},
}
var scopes = new List<Scope>{
StandardScopes.OpenId,
StandardScopes.Profile
};
下面是来自 MVC 客户端应用程序的代码
public void Configuration(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies",
//CookieName = "ourcookiename"
});
var options = new OpenIdConnectAuthenticationOptions
{
ClientId = "mvc",
Authority = "https://localhost:44367/identity/",
RedirectUri = "https://localhost:44358/",
// PostLogoutRedirectUri = "https://localhost:44300/",
SignInAsAuthenticationType = "Cookies",
ResponseType = "code id_token token",
Scope = "openId profile"
};
app.UseOpenIdConnectAuthentication(options);
}
并且还必须使用 ServiceStack' for this I used linkhttps://github.com/MacLeanElectrical/servicestack-authentication-identityserver` 配置 IdentityServer3 以验证服务,但在 Global.aspx 中用于新的 AppHost().Init();它显示错误-
'System.NullReferenceException' occurred in ServiceStack.dll but was not handled in user code
我没有看到您在客户端中指定了 AllowedScopes
new Client
{
Enabled = true,
ClientName = "MVC Client (Hybrid Flow)",
ClientId = "mvc",
Flow = Flows.Hybrid,
RequireConsent = true,
RedirectUris = new List<string>
{"https://localhost:44358/"},
AllowedScopes = new List<string>{
"openid",
"profile"
};
}
这是我的做法
return new[]
{
new Client
{
Enabled = true,
ClientId = "Client",
ClientName = "SomeClient",
Flow = Flows.Hybrid,
RequireConsent = true,
AllowedScopes = new List<string>
{
"openid",
"profile",
"roles",
"api",
"offline_access"
},
RedirectUris = new List<string>
{
Constants.Client
},
AccessTokenLifetime = 3600,
ClientSecrets = new List<Secret>()
{
new Secret("secret".Sha256())
}
}
};
var scopes = new List<Scope>
{
//Identity Scopes
StandardScopes.OpenId,
StandardScopes.Profile,
new Scope
{
Enabled = true,
Name = "roles",
DisplayName = "Roles",
Description = "The roles you belong to.",
Type = ScopeType.Identity,
Claims = new List<ScopeClaim>
{
new ScopeClaim("role")
}
},
new Scope
{
Enabled = true,
Name="api",
DisplayName = "API Scope",
Description = "To accesss the API",
Type = ScopeType.Resource,
Emphasize = false,
Claims = new List<ScopeClaim>
{
new ScopeClaim("role"),
new ScopeClaim("id")
}
},
StandardScopes.OfflineAccess
};
return scopes;
我是 IdentityServer3 的新手,刚刚开始设置它。它似乎进展顺利,我一直在为 MVC 应用程序开发混合流程,类似于 Kevin Dockx 的 Pluralsight 课程 (http://www.pluralsight.com/courses/building-securing-restful-api-aspdotnet)
当我尝试使用 MVC 错误配置 IdentityServer 时弹出 - Microsoft.IdentityModel.Protocols.OpenIdConnectProtocolException: invalid_request
ID 服务器:
new Client
{
Enabled = true,
ClientName = "MVC Client (Hybrid Flow)",
ClientId = "mvc",
Flow = Flows.Hybrid,
RequireConsent = true,
RedirectUris = new List<string>
{"https://localhost:44358/"},
}
var scopes = new List<Scope>{
StandardScopes.OpenId,
StandardScopes.Profile
};
下面是来自 MVC 客户端应用程序的代码
public void Configuration(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies",
//CookieName = "ourcookiename"
});
var options = new OpenIdConnectAuthenticationOptions
{
ClientId = "mvc",
Authority = "https://localhost:44367/identity/",
RedirectUri = "https://localhost:44358/",
// PostLogoutRedirectUri = "https://localhost:44300/",
SignInAsAuthenticationType = "Cookies",
ResponseType = "code id_token token",
Scope = "openId profile"
};
app.UseOpenIdConnectAuthentication(options);
}
并且还必须使用 ServiceStack' for this I used linkhttps://github.com/MacLeanElectrical/servicestack-authentication-identityserver` 配置 IdentityServer3 以验证服务,但在 Global.aspx 中用于新的 AppHost().Init();它显示错误-
'System.NullReferenceException' occurred in ServiceStack.dll but was not handled in user code
我没有看到您在客户端中指定了 AllowedScopes
new Client
{
Enabled = true,
ClientName = "MVC Client (Hybrid Flow)",
ClientId = "mvc",
Flow = Flows.Hybrid,
RequireConsent = true,
RedirectUris = new List<string>
{"https://localhost:44358/"},
AllowedScopes = new List<string>{
"openid",
"profile"
};
}
这是我的做法
return new[]
{
new Client
{
Enabled = true,
ClientId = "Client",
ClientName = "SomeClient",
Flow = Flows.Hybrid,
RequireConsent = true,
AllowedScopes = new List<string>
{
"openid",
"profile",
"roles",
"api",
"offline_access"
},
RedirectUris = new List<string>
{
Constants.Client
},
AccessTokenLifetime = 3600,
ClientSecrets = new List<Secret>()
{
new Secret("secret".Sha256())
}
}
};
var scopes = new List<Scope>
{
//Identity Scopes
StandardScopes.OpenId,
StandardScopes.Profile,
new Scope
{
Enabled = true,
Name = "roles",
DisplayName = "Roles",
Description = "The roles you belong to.",
Type = ScopeType.Identity,
Claims = new List<ScopeClaim>
{
new ScopeClaim("role")
}
},
new Scope
{
Enabled = true,
Name="api",
DisplayName = "API Scope",
Description = "To accesss the API",
Type = ScopeType.Resource,
Emphasize = false,
Claims = new List<ScopeClaim>
{
new ScopeClaim("role"),
new ScopeClaim("id")
}
},
StandardScopes.OfflineAccess
};
return scopes;