无法请求令牌,请求字段为空
Unable to request a token, request fields empty
我正在尝试为 SPA 创建 API。我正在使用最新的 .NET Core、MVC 和 EF。我想使用 JWT 对用户进行身份验证,所以我决定使用 openiddict core。我已尝试根据 github page and this blog post 中的示例进行设置。问题是我在请求令牌时得到 "The specified grant type is not supported."。
这是 post 人工请求的屏幕截图:
这是我的 ConfigureServices 方法:
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);
services.AddMvc();
services.AddDbContext<ApplicationDbContext>(
options => options.UseSqlServer(Configuration["Data:DefaultConnection:ConnectionString"])
);
services.AddIdentity<ApplicationUser, ApplicationRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddOpenIddict<ApplicationDbContext>()
.UseJsonWebTokens()
.EnableTokenEndpoint("/connect/token")
.AllowPasswordFlow()
.DisableHttpsRequirement() // TODO: remove in production
.AddEphemeralSigningKey(); // TODO: replace with a certificate, this should be used for development only
}
和Configure方法:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseApplicationInsightsRequestTelemetry();
app.UseApplicationInsightsExceptionTelemetry();
// don't use identity as this is a wrapper for using cookies, not needed
// app.UseIdentity();
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true,
RequireHttpsMetadata = false, // TODO: remove, dev only
Audience = "http://localhost:42443/", // TODO: ???
Authority = "http://localhost:42443/" // TODO: ???
});
app.UseOpenIddict();
app.UseMvcWithDefaultRoute();
}
我正在使用示例中的 AuthorizationController 来处理令牌请求。通过观察处理 /connect/token 请求的 Exchange 方法的 request 参数的内容,我发现它接收的所有字段都是空值:
作为 mentioned in the samples,您必须注册 OpenIddict MVC 模型绑定器才能使用 OpenIdConnectRequest 作为操作参数。
引用 OpenIddict.Mvc 包并调用 AddMvcBinders 它应该可以工作:
services.AddOpenIddict<ApplicationDbContext>()
// Register the ASP.NET Core MVC binder used by OpenIddict.
// Note: if you don't call this method, you won't be able to
// bind OpenIdConnectRequest or OpenIdConnectResponse parameters.
.AddMvcBinders()
...
我正在尝试为 SPA 创建 API。我正在使用最新的 .NET Core、MVC 和 EF。我想使用 JWT 对用户进行身份验证,所以我决定使用 openiddict core。我已尝试根据 github page and this blog post 中的示例进行设置。问题是我在请求令牌时得到 "The specified grant type is not supported."。
这是 post 人工请求的屏幕截图:
这是我的 ConfigureServices 方法:
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);
services.AddMvc();
services.AddDbContext<ApplicationDbContext>(
options => options.UseSqlServer(Configuration["Data:DefaultConnection:ConnectionString"])
);
services.AddIdentity<ApplicationUser, ApplicationRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddOpenIddict<ApplicationDbContext>()
.UseJsonWebTokens()
.EnableTokenEndpoint("/connect/token")
.AllowPasswordFlow()
.DisableHttpsRequirement() // TODO: remove in production
.AddEphemeralSigningKey(); // TODO: replace with a certificate, this should be used for development only
}
和Configure方法:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseApplicationInsightsRequestTelemetry();
app.UseApplicationInsightsExceptionTelemetry();
// don't use identity as this is a wrapper for using cookies, not needed
// app.UseIdentity();
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true,
RequireHttpsMetadata = false, // TODO: remove, dev only
Audience = "http://localhost:42443/", // TODO: ???
Authority = "http://localhost:42443/" // TODO: ???
});
app.UseOpenIddict();
app.UseMvcWithDefaultRoute();
}
我正在使用示例中的 AuthorizationController 来处理令牌请求。通过观察处理 /connect/token 请求的 Exchange 方法的 request 参数的内容,我发现它接收的所有字段都是空值:
作为 mentioned in the samples,您必须注册 OpenIddict MVC 模型绑定器才能使用 OpenIdConnectRequest 作为操作参数。
引用 OpenIddict.Mvc 包并调用 AddMvcBinders 它应该可以工作:
services.AddOpenIddict<ApplicationDbContext>()
// Register the ASP.NET Core MVC binder used by OpenIddict.
// Note: if you don't call this method, you won't be able to
// bind OpenIdConnectRequest or OpenIdConnectResponse parameters.
.AddMvcBinders()
...