IdentityServer4中令牌 endpoints 的HTTP请求无效-Java 学习之路

使用IDS4和调试跟踪，日志只给我一点点继续 . 我发布时遇到上述错误（令牌 endpoints 的无效HTTP请求）：

Request starting HTTP/1.1 POST http://localhost:5000/connect/token?grant_type=password&client_id=resClient&client_secret=TopSecret&username=admin&password=admin123

在客户端（Web浏览器）我得到

{ "error": "invalid_request" }

整个调试日志如下所示：

dbug: Microsoft.AspNetCore.Server.Kestrel[1]
      Connection id "0HL2NGBR0Q1O4" started.
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
      Request starting HTTP/1.1 POST http://localhost:5000/connect/token?grant_type=password&client_id=resClient&client_secret=TopSecret&username=admin&password=admin123  0
dbug: Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware[9]
      AuthenticationScheme: idsrv was not authenticated.
dbug: IdentityServer4.Hosting.EndpointRouter[0]
      Request path /connect/token matched to endpoint type Token
dbug: IdentityServer4.Hosting.EndpointRouter[0]
      Mapping found for endpoint: Token, creating handler: IdentityServer4.Endpoints.TokenEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
      Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
trce: IdentityServer4.Endpoints.TokenEndpoint[0]
      Processing token request.
warn: IdentityServer4.Endpoints.TokenEndpoint[0]
      Invalid HTTP request for token endpoint
trce: IdentityServer4.Hosting.IdentityServerMiddleware[0]
      Invoking result: IdentityServer4.Endpoints.Results.TokenErrorResult
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
      Request finished in 348.2168ms 400 application/json
dbug: Microsoft.AspNetCore.Server.Kestrel[9]
      Connection id "0HL2NGBR0Q1O4" completed keep alive response.

我的代码很稀疏 . 这是Startup.cs：

namespace IDServer4Test
{
    public class Startup
    {
        public void ConfigureServices(IServiceCollection services)
        {

            services.AddIdentityServer()
            .AddTemporarySigningCredential()
            .AddInMemoryClients(Configurations.Clients.GetClients())
            .AddInMemoryApiResources(Configurations.Scopes.GetApiResources());
            services.AddTransient<IResourceOwnerPasswordValidator, Configurations.ResourceOwnerPasswordValidator>();
            services.AddTransient<IProfileService, Configurations.ProfileService>();
        }

        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddConsole(LogLevel.Trace);

            app.UseIdentityServer();
        }
    }
}

Clients.cs：

public class Clients
{
    public static IEnumerable<Client> GetClients()
    {
        return new List<Client>
    {
        new Client
        {
            ClientId = "resClient",
            ClientSecrets = { new Secret("TopSecret".Sha256()) },

            AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials,
            AllowedScopes = { "myAPI" }
        }
    };
    }
}

和Scopes.cs：

public class Scopes
{
    public static IEnumerable<ApiResource> GetApiResources()
    {
        return new List<ApiResource>
        {
            new ApiResource("myAPI", "My API")
        };
    }
}

我应该从IdentityServer回来一个令牌响应，但只是不断回来这个错误 . 有任何想法吗？

2 回答

0

这是令牌 endpoints 的无效HTTP请求;）

你检查了规格吗？ https://tools.ietf.org/html/rfc6749#section-4.3.2

参数在POST正文中传递 .

在C＃中请求令牌的最简单方法是使用IdentityModel客户端lib https://github.com/IdentityModel/IdentityModel2

回复于 2024-05-01T10:15:22+08:00
5

在发帖时，您不需要包含 scope 令牌 . 在您的请求中包含 &scope=myAPI ，我认为您的请求将有效 .

回复于 2024-05-01T10:15:22+08:00

IdentityServer4中令牌 endpoints 的HTTP请求无效

2 回答

相关问题