Identity Server 4 Swagger身份验证-Java 学习之路

我目前在使用swagger授权对身份服务器4的api调用时遇到问题 .
我的招摇依赖是使用swashbuckle版本-beta客户端对象在身份服务器4中看起来像

new Client
{
    ClientId="swagger",
    Enabled = true,
    ClientName="Swagger",
    AllowedGrantTypes = GrantTypes.Implicit,
    ClientSecrets = new List<Secret>
    {
        new Secret("secret".Sha256())
    },
    AllowedScopes = new List<string>
    {
        "apil"
    },
    RedirectUris = new List<string>
    {
        "http://localhost:15138/swagger/ui/popup.html"
    },
    AllowedCorsOrigins = new List<string>
    {
        "http://localhost:15138",
        "http://localhost:15138"
    },
    AllowAccessTokensViaBrowser = true,
    AllowAccessToAllScopes= true
}

客户端对象是身份验证的配置方法中的身份服务器4模型

app.UseIdentityServer();
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = new Dictionary<string, string>();
app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
    Authority = "http://localhost:15138/",
    ScopeName = "apil",
    RequireHttpsMetadata = false,

});

使用fiddler我的get请求看起来像这样

GET /connect/authorize?state=9321480892748389&nonce=5279296493808222&client_id=swagger&redirect_uri=http%3A%2F%2Flocalhost%3A15138%2Fswagger%2Fui%2Fpopup.html&response_type=id_token%20token&scope=apil HTTP / 1.1

所有必要的参数都在那里，客户端具有相应的客户端ID，但我得到的响应是重定向到错误页面，其中包含无效请求的消息 . 我期待一个登录页面传递凭据或类似的东西获得授权我想知道我做错了什么 .

1 回答

我遇到了同样的问题，这与一些不同的事情有关 .

Swagger需要配置安全定义 .
IdentityServerAuthentication AutomaticAuthenticate必须为true .
需要在Startup.cs中配置Swagger的客户端ID和客户端名称 .

见下文：

public void ConfigureServices(IServiceCollection services)
{
    services.AddSwaggerGen(c => {
        c.SwaggerDoc("v1", new Info
        {
            Version = "v1",
            Title = "my api title",
            Description = "my api desc",
            TermsOfService = "None",
            Contact = new Contact { Name = "contact" }
        });

        var filePath = Path.Combine(PlatformServices.Default.Application.ApplicationBasePath, "api.xml");
        c.IncludeXmlComments(filePath);

        c.AddSecurityDefinition("oauth2", new OAuth2Scheme
        {
            Type = "oauth2",
            Flow = "implicit",
            AuthorizationUrl = "https://url",
            Scopes = new Dictionary<string, string>
            {
                { "api-name", "my api" }
            }
        });
    });
}

public void Configure(IApplicationBuilder app, ILoggerFactory    loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    app.UseIdentity();

    app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
    {
        Authority = "https://url",
        RequireHttpsMetadata = true,
        ApiName = "api-name",
        ApiSecret = "api-secret",
        AllowedScopes = { "api-name", "openid", "email", "profile" },
        ClaimsIssuer = "https://url",
        AutomaticAuthenticate = true,
    });

    app.UseStaticFiles();
    app.UseMvc();

    // Enable middleware to serve generated Swagger as a JSON endpoint
    app.UseSwagger();

    // Enable middleware to serve swagger-ui assets (HTML, JS, CSS etc.)
    app.UseSwaggerUi(c =>
    {
        c.ConfigureOAuth2("swagger-name", "swagger-secret", "swagger-realm", "Swagger");
    });
}

回复于 2024-05-11T12:59:30+08:00

Identity Server 4 Swagger身份验证

1 回答

相关问题