Identityserver3 - 客户端应用程序未知或未经授权
Identityserver3 - The client application is not known or is not authorized
我正在设置我的客户端应用程序端口 3g 以使用 IdentityServer3 进行身份验证。
我收到错误:客户端应用程序未知或未经授权。
我想我已经正确配置了客户端和 OAuth 服务器客户端设置。有没有人在任一配置中看到错误
站点:PORT3G 启动..
public void ConfigureAuth(IAppBuilder app)
{
JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
//port3g_implicit
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
ClientId = "port3g_implicit",
Authority = "http://localhost:22710", // Authorization Server
RedirectUri = "http://localhost:28037/", // Address of this website
ResponseType = "id_token token ", // Added token was not in orginal code
Scope = "openid profile offline_access read appRoles",
PostLogoutRedirectUri = "http://localhost:28037",
SignInAsAuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
}
站点:Webhost.OAuth
// BEGIN PORT3G
new Client
{
ClientId = "port3g_implicit",
ClientSecrets = new List<Secret>
{
new Secret("secret".Sha256())
},
ClientName = "Port3G",
Flow = Flows.Implicit,
AllowedScopes = new List<string>
{
Constants.StandardScopes.OpenId,
Constants.StandardScopes.Profile,Constants.StandardScopes.AllClaims ,
"read","appRoles"
},
RedirectUris = new List<string>
{
"http://localhost:28037/",
"http://localhost:28037/"
},
PostLogoutRedirectUris = new List<string>
{
"http://localhost:28037/"
},
Enabled = true
}
// END PORT3G
您是否开启了 IdentityServer logging?它对诊断这类问题非常有帮助。
在这种特定情况下,可能是因为您要求 offline_access,这在隐式流程中是不允许的。尝试从分配给范围的字符串中删除该标识符。当您打开登录时,您可能会看到以下指示此问题的行:
[错误] 不允许请求的范围:"offline_access"
您的回复类型末尾有一个 space
ResponseType = "id_token token ", // Added token was not in orginal code
删除它并尝试。同时删除 offline_access 范围
我正在设置我的客户端应用程序端口 3g 以使用 IdentityServer3 进行身份验证。
我收到错误:客户端应用程序未知或未经授权。 我想我已经正确配置了客户端和 OAuth 服务器客户端设置。有没有人在任一配置中看到错误
站点:PORT3G 启动..
public void ConfigureAuth(IAppBuilder app)
{
JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
//port3g_implicit
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
ClientId = "port3g_implicit",
Authority = "http://localhost:22710", // Authorization Server
RedirectUri = "http://localhost:28037/", // Address of this website
ResponseType = "id_token token ", // Added token was not in orginal code
Scope = "openid profile offline_access read appRoles",
PostLogoutRedirectUri = "http://localhost:28037",
SignInAsAuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
}
站点:Webhost.OAuth
// BEGIN PORT3G
new Client
{
ClientId = "port3g_implicit",
ClientSecrets = new List<Secret>
{
new Secret("secret".Sha256())
},
ClientName = "Port3G",
Flow = Flows.Implicit,
AllowedScopes = new List<string>
{
Constants.StandardScopes.OpenId,
Constants.StandardScopes.Profile,Constants.StandardScopes.AllClaims ,
"read","appRoles"
},
RedirectUris = new List<string>
{
"http://localhost:28037/",
"http://localhost:28037/"
},
PostLogoutRedirectUris = new List<string>
{
"http://localhost:28037/"
},
Enabled = true
}
// END PORT3G
您是否开启了 IdentityServer logging?它对诊断这类问题非常有帮助。
在这种特定情况下,可能是因为您要求 offline_access,这在隐式流程中是不允许的。尝试从分配给范围的字符串中删除该标识符。当您打开登录时,您可能会看到以下指示此问题的行:
[错误] 不允许请求的范围:"offline_access"
您的回复类型末尾有一个 space
ResponseType = "id_token token ", // Added token was not in orginal code
删除它并尝试。同时删除 offline_access 范围