IdentityServer4 错误,此客户端不允许 offline_access
IdentityServer4 Error, offline_access is not allowed for this client
我在内存配置中创建了一个助手 class,
public class InMemoryConfiguration
{
public static IEnumerable<ApiResource> ApiResources()
{
return new[] {
new ApiResource("socialnetwork", "Social Network")
};
}
public static IEnumerable<Client> Clients()
{
return new[] {
new Client
{
ClientId = "socialnetwork",
ClientName = "SocialNetwork",
ClientSecrets = new [] { new Secret("secret".Sha256()) },
//Flow = Flows.ResourceOwner,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes = new [] { "socialnetwork", StandardScopes.OfflineAccess, StandardScopes.OpenId, StandardScopes.OfflineAccess },
Enabled = true
}
};
}
public static IEnumerable<TestUser> Users()
{
return new[] {
new TestUser
{
SubjectId = "1",
Username = "myUser@question.com",
Password = "password",
}
};
}
}
从我的 ASP.Net 应用程序(单独的项目),我正在发送身份验证请求,
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
try
{
if (!ModelState.IsValid)
{
return View(model);
}
var client = new OAuth2Client(new Uri("http://localhost:61502/connect/token"), "socialnetwork", "secret");
var requestResponse = client.RequestAccessTokenUserName(model.Email, model.Password, "openid profile offline_access");
var claims = new[]
{
new Claim("access_token", requestResponse.AccessToken),
new Claim("refresh_token", requestResponse.RefreshToken)
};
var claimsIdentity = new ClaimsIdentity(claims,
DefaultAuthenticationTypes.ApplicationCookie);
HttpContext.GetOwinContext().Authentication.SignIn(claimsIdentity);
return RedirectToLocal(returnUrl);
}
catch (Exception ex)
{
//Do my Error Handling
}
}
现在我在服务器控制台上看到错误,
offline_access is not allowed for this client: socialnetwork
我已经在 allowe 上提供了对客户端的所有访问权限
d scope,
AllowedScopes = new [] { "socialnetwork", StandardScopes.OfflineAccess, StandardScopes.OpenId, StandardScopes.OfflineAccess }
为什么会出现此错误?是跟流量有关还是其他什么。
在客户端配置中将 AllowOfflineAccess 属性 设置为 true 而不是将其添加到 AllowedScopes:
new Client
{
ClientId = "socialnetwork",
ClientName = "SocialNetwork",
ClientSecrets = new [] { new Secret("secret".Sha256()) },
//Flow = Flows.ResourceOwner,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes = new [] { "socialnetwork",StandardScopes.OpenId },
Enabled = true,
AllowOfflineAccess = true
}
我在内存配置中创建了一个助手 class,
public class InMemoryConfiguration
{
public static IEnumerable<ApiResource> ApiResources()
{
return new[] {
new ApiResource("socialnetwork", "Social Network")
};
}
public static IEnumerable<Client> Clients()
{
return new[] {
new Client
{
ClientId = "socialnetwork",
ClientName = "SocialNetwork",
ClientSecrets = new [] { new Secret("secret".Sha256()) },
//Flow = Flows.ResourceOwner,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes = new [] { "socialnetwork", StandardScopes.OfflineAccess, StandardScopes.OpenId, StandardScopes.OfflineAccess },
Enabled = true
}
};
}
public static IEnumerable<TestUser> Users()
{
return new[] {
new TestUser
{
SubjectId = "1",
Username = "myUser@question.com",
Password = "password",
}
};
}
}
从我的 ASP.Net 应用程序(单独的项目),我正在发送身份验证请求,
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
try
{
if (!ModelState.IsValid)
{
return View(model);
}
var client = new OAuth2Client(new Uri("http://localhost:61502/connect/token"), "socialnetwork", "secret");
var requestResponse = client.RequestAccessTokenUserName(model.Email, model.Password, "openid profile offline_access");
var claims = new[]
{
new Claim("access_token", requestResponse.AccessToken),
new Claim("refresh_token", requestResponse.RefreshToken)
};
var claimsIdentity = new ClaimsIdentity(claims,
DefaultAuthenticationTypes.ApplicationCookie);
HttpContext.GetOwinContext().Authentication.SignIn(claimsIdentity);
return RedirectToLocal(returnUrl);
}
catch (Exception ex)
{
//Do my Error Handling
}
}
现在我在服务器控制台上看到错误,
offline_access is not allowed for this client: socialnetwork
我已经在 allowe 上提供了对客户端的所有访问权限
d scope,
AllowedScopes = new [] { "socialnetwork", StandardScopes.OfflineAccess, StandardScopes.OpenId, StandardScopes.OfflineAccess }
为什么会出现此错误?是跟流量有关还是其他什么。
在客户端配置中将 AllowOfflineAccess 属性 设置为 true 而不是将其添加到 AllowedScopes:
new Client
{
ClientId = "socialnetwork",
ClientName = "SocialNetwork",
ClientSecrets = new [] { new Secret("secret".Sha256()) },
//Flow = Flows.ResourceOwner,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes = new [] { "socialnetwork",StandardScopes.OpenId },
Enabled = true,
AllowOfflineAccess = true
}