我已經搜索並找到了一些東西,但沒有完整的文件here。如何遠程訪問IdentityServer3上承載的Identity Manager API?
有人請給我一步一步的解釋嗎?
我有IdentityServer3配置良好,我確認可以通過瀏覽器訪問IdentityManager並完美管理用戶。現在,我需要管理用戶,但需要另一個定製應用程序。所以,我需要:
登錄通過自定義應用程序
通過IDM API管理用戶。
我已經使用了「ResourceOwner」授權和使用的「idmgr」範圍,以獲得訪問令牌:https://localhost:44376/ids/connect/token。
但是當我使用該令牌訪問https://localhost:44376/idm/api/users?count=10&start=0,我得到的消息"Authorization has been denied for this request."
var client = new HttpClient();
var dic = new Dictionary<string, string>();
dic.Add("client_id", "mvc");
dic.Add("client_secret", "secret");
dic.Add("grant_type", "password");
dic.Add("scope", "openid profile");
dic.Add("username", "[email protected]");
dic.Add("password", "[email protected]");
var content = new FormUrlEncodedContent(dic);
var msg = client.PostAsync("https://localhost:44383/identity/connect/token", content).Result.Content.ReadAsStringAsync().Result;
string token = Newtonsoft.Json.JsonConvert.DeserializeObject<dynamic>(msg).access_token;
var jwt = new JwtSecurityToken(token);
var identity = new ClaimsIdentity("ApplicationCookie", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
foreach (var c in jwt.Claims)
{
var t = c.Type;
var v = c.Value;
identity.AddClaim(new Claim(t, v));
}
IAuthenticationManager authenticationManager = HttpContext.GetOwinContext().Authentication;
authenticationManager.SignOut("ApplicationCookie");
authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, identity);
return Redirect("Index");
你有沒有作用,要求正確設置登錄的用戶? http://stackoverflow.com/questions/35677334/secure-identitymanager-with-identityserver3/ – rawel
@rawel我有2個角色「管理員」和「IdentityManagerAdministrator」,爲此用戶設置 –
你有沒有得到這個工作? –