使用 ASOS 在 OpenID Connect 服务器中返回 401 响应
Returning 401 response in OpenID Connect server with ASOS
我遵循了 Creating your own OpenID Connect server with ASOS 上的教程。一切正常,但如果用户输入错误的凭据,他将看到 400 响应状态代码。我想将此状态代码更改为 401。这是我的 HandleTokenRequest 函数版本的代码:
public override Task HandleTokenRequest(HandleTokenRequestContext context)
{
if (context.Request.IsPasswordGrantType())
{
return GrantResourceOwnerCredentials(context);
}
return base.HandleTokenRequest(context);
}
private async Task GrantResourceOwnerCredentials(HandleTokenRequestContext context)
{
var userService = context.HttpContext.RequestServices.GetService<IUserService>();
var user = await userService.AuthenticateAsync(context.Request.Username, context.Request.Password);
if (user != null)
{
var identity = CreatePrincipal(Mapper.Map<UserModel>(user), null);
var ticket = new AuthenticationTicket(identity, new AuthenticationProperties(), context.Scheme.Name);
ticket.SetScopes(Consts.Scopes.Api1, Consts.Scopes.ApiOfflineAccess);
context.Validate(ticket);
return;
}
context.Reject(error: "invalid_grant", description: "The user name or password is incorrect.");
}
我看不到如何在此处传递响应代码。这种方法可行吗?
将我的评论作为答案。
根据我的经验,400 状态码是非常典型的。
它也在规范中:https://openid.net/specs/openid-connect-core-1_0.html#TokenErrorResponse
If the Token Request is invalid or unauthorized, the Authorization
Server constructs the error response. The parameters of the Token
Error Response are defined as in Section 5.2 of OAuth 2.0 [RFC6749].
The HTTP response body uses the application/json media type with HTTP
response code of 400.
我遵循了 Creating your own OpenID Connect server with ASOS 上的教程。一切正常,但如果用户输入错误的凭据,他将看到 400 响应状态代码。我想将此状态代码更改为 401。这是我的 HandleTokenRequest 函数版本的代码:
public override Task HandleTokenRequest(HandleTokenRequestContext context)
{
if (context.Request.IsPasswordGrantType())
{
return GrantResourceOwnerCredentials(context);
}
return base.HandleTokenRequest(context);
}
private async Task GrantResourceOwnerCredentials(HandleTokenRequestContext context)
{
var userService = context.HttpContext.RequestServices.GetService<IUserService>();
var user = await userService.AuthenticateAsync(context.Request.Username, context.Request.Password);
if (user != null)
{
var identity = CreatePrincipal(Mapper.Map<UserModel>(user), null);
var ticket = new AuthenticationTicket(identity, new AuthenticationProperties(), context.Scheme.Name);
ticket.SetScopes(Consts.Scopes.Api1, Consts.Scopes.ApiOfflineAccess);
context.Validate(ticket);
return;
}
context.Reject(error: "invalid_grant", description: "The user name or password is incorrect.");
}
我看不到如何在此处传递响应代码。这种方法可行吗?
将我的评论作为答案。 根据我的经验,400 状态码是非常典型的。
它也在规范中:https://openid.net/specs/openid-connect-core-1_0.html#TokenErrorResponse
If the Token Request is invalid or unauthorized, the Authorization Server constructs the error response. The parameters of the Token Error Response are defined as in Section 5.2 of OAuth 2.0 [RFC6749]. The HTTP response body uses the application/json media type with HTTP response code of 400.