Identity Server 4 Swagger 身份验证

Identity Server 4 Swagger Authentication

我目前在使用 swagger 授权对身份服务器 4 的 api 调用时遇到问题。
我的 swagger 依赖使用 swashbuckle 版本 -身份服务器 4 中的 beta 客户端对象看起来像

new Client
{
    ClientId="swagger",
    Enabled = true,
    ClientName="Swagger",
    AllowedGrantTypes = GrantTypes.Implicit,
    ClientSecrets = new List<Secret>
    {
        new Secret("secret".Sha256())
    },
    AllowedScopes = new List<string>
    {
        "apil"
    },
    RedirectUris = new List<string>
    {
        "http://localhost:15138/swagger/ui/popup.html"
    },
    AllowedCorsOrigins = new List<string>
    {
        "http://localhost:15138",
        "http://localhost:15138"
    },
    AllowAccessTokensViaBrowser = true,
    AllowAccessToAllScopes= true
}

客户端对象是身份服务器4模型 在身份验证的配置方法中我有这个

app.UseIdentityServer();
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = new Dictionary<string, string>();
app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
    Authority = "http://localhost:15138/",
    ScopeName = "apil",
    RequireHttpsMetadata = false,

});

使用 fiddler 我的获取请求如下所示

GET /connect/authorize?state=9321480892748389&nonce=5279296493808222&client_id=swagger&redirect_uri=http%3A%2F%2Flocalhost%3A15138%2Fswagger%2Fui%2Fpopup.html&response_type=id_token%20token&scope=apil HTTP/1.1

所有必要的参数都在那里,客户端有相应的客户端 ID,但我得到的响应是重定向到错误页面,其中包含无效请求的消息。我期待一个登录页面来传递凭据或类似的东西来获得授权我想知道我做错了什么才会发生。

我 运行 遇到了同样的问题,它与一些不同的事情有关。

  1. Swagger 需要配置安全定义。

  2. IdentityServerAuthentication AutomaticAuthenticate 需要为真。

  3. Swagger的client-id和客户端名称需要在Startup.cs中配置。

见下文:

public void ConfigureServices(IServiceCollection services)
{
    services.AddSwaggerGen(c => {
        c.SwaggerDoc("v1", new Info
        {
            Version = "v1",
            Title = "my api title",
            Description = "my api desc",
            TermsOfService = "None",
            Contact = new Contact { Name = "contact" }
        });

        var filePath = Path.Combine(PlatformServices.Default.Application.ApplicationBasePath, "api.xml");
        c.IncludeXmlComments(filePath);

        c.AddSecurityDefinition("oauth2", new OAuth2Scheme
        {
            Type = "oauth2",
            Flow = "implicit",
            AuthorizationUrl = "https://url",
            Scopes = new Dictionary<string, string>
            {
                { "api-name", "my api" }
            }
        });
    });
}

public void Configure(IApplicationBuilder app, ILoggerFactory    loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    app.UseIdentity();

    app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
    {
        Authority = "https://url",
        RequireHttpsMetadata = true,
        ApiName = "api-name",
        ApiSecret = "api-secret",
        AllowedScopes = { "api-name", "openid", "email", "profile" },
        ClaimsIssuer = "https://url",
        AutomaticAuthenticate = true,
    });

    app.UseStaticFiles();
    app.UseMvc();

    // Enable middleware to serve generated Swagger as a JSON endpoint
    app.UseSwagger();

    // Enable middleware to serve swagger-ui assets (HTML, JS, CSS etc.)
    app.UseSwaggerUi(c =>
    {
        c.ConfigureOAuth2("swagger-name", "swagger-secret", "swagger-realm", "Swagger");
    });
}