1. 首頁
  2. 問答
  3. IdentityServer4中令牌端點的HTTP請求無效

IdentityServer4中令牌端點的HTTP請求無效

2017-02-17 56 views
0

在調試跟蹤中使用IDS4時,日誌只會給我一點點繼續。我收到上述錯誤(令牌端點無效的HTTP請求),當我張貼像這樣:IdentityServer4中令牌端點的HTTP請求無效

Request starting HTTP/1.1 POST http://localhost:5000/connect/token?grant_type=password&client_id=resClient&client_secret=TopSecret&username=admin&password=admin123

在客戶端(網頁瀏覽器)我只是得到

{ "error": "invalid_request" }

整個調試日誌看起來像這樣:

dbug: Microsoft.AspNetCore.Server.Kestrel[1] 
     Connection id "0HL2NGBR0Q1O4" started. 
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1] 
     Request starting HTTP/1.1 POST http://localhost:5000/connect/token?grant_type=password&client_id=resClient&client_secret=TopSecret&username=admin&password=admin123 0 
dbug: Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware[9] 
     AuthenticationScheme: idsrv was not authenticated. 
dbug: IdentityServer4.Hosting.EndpointRouter[0] 
     Request path /connect/token matched to endpoint type Token 
dbug: IdentityServer4.Hosting.EndpointRouter[0] 
     Mapping found for endpoint: Token, creating handler: IdentityServer4.Endpoints.TokenEndpoint 
info: IdentityServer4.Hosting.IdentityServerMiddleware[0] 
     Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token 
trce: IdentityServer4.Endpoints.TokenEndpoint[0] 
     Processing token request. 
warn: IdentityServer4.Endpoints.TokenEndpoint[0] 
     Invalid HTTP request for token endpoint 
trce: IdentityServer4.Hosting.IdentityServerMiddleware[0] 
     Invoking result: IdentityServer4.Endpoints.Results.TokenErrorResult 
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2] 
     Request finished in 348.2168ms 400 application/json 
dbug: Microsoft.AspNetCore.Server.Kestrel[9] 
     Connection id "0HL2NGBR0Q1O4" completed keep alive response.

我的代碼很稀疏。這裏的Startup.cs:

namespace IDServer4Test 
{ 
    public class Startup 
    { 
     public void ConfigureServices(IServiceCollection services) 
     { 

      services.AddIdentityServer() 
      .AddTemporarySigningCredential() 
      .AddInMemoryClients(Configurations.Clients.GetClients()) 
      .AddInMemoryApiResources(Configurations.Scopes.GetApiResources()); 
      services.AddTransient<IResourceOwnerPasswordValidator, Configurations.ResourceOwnerPasswordValidator>(); 
      services.AddTransient<IProfileService, Configurations.ProfileService>(); 
     } 

     public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) 
     { 
      loggerFactory.AddConsole(LogLevel.Trace); 

      app.UseIdentityServer(); 
     } 
    } 
}

Clients.cs:

public class Clients 
{ 
    public static IEnumerable<Client> GetClients() 
    { 
     return new List<Client> 
    { 
     new Client 
     { 
      ClientId = "resClient", 
      ClientSecrets = { new Secret("TopSecret".Sha256()) }, 

      AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials, 
      AllowedScopes = { "myAPI" } 
     } 
    }; 
    } 
}

而且Scopes.cs:

public class Scopes 
{ 
    public static IEnumerable<ApiResource> GetApiResources() 
    { 
     return new List<ApiResource> 
     { 
      new ApiResource("myAPI", "My API") 
     }; 
    } 
}

我要回去了從Id​​entityServer令牌響應,但只是不斷到來回到這個錯誤。有任何想法嗎?

來源

2017-02-17 Rafe

回答

2

這對令牌端點無效的HTTP請求;)

你檢查規範? https://tools.ietf.org/html/rfc6749#section-4.3.2

參數在POST主體中傳遞。

請求在C#標記的最簡單方法是使用IdentityModel客戶端的lib https://github.com/IdentityModel/IdentityModel2

來源

2017-02-18 13:25:56 leastprivilege

+0

根據RFC,我需要的是grant_type,用戶名和密碼。範圍是可選的。無論如何,用這些參數調整請求仍然不能解決問題。我在想我錯過了一些代碼。也許IdentityModel庫有我需要的,但我對這種技術很陌生,所以我很難弄清楚如何整合它。 – Rafe

+1

是的。但作爲表單發佈。不作爲查詢字符串參數。 – leastprivilege

+0

我需要能夠做到這一點,沒有一個Web窗體的查詢。你是說我用錯誤的方法來達到我追求的結果嗎? – Rafe

0

您不包括scope您需要在發佈帖子時使用代幣。包括&scope=myAPI在您的請求,我認爲您的請求將是有效的。

來源

2017-02-18 11:51:50 Mashton

+0

感謝@Mashton我試過了,但仍然沒有喜悅。 – Rafe

相關問題

 相關問題