我在mysql後端實現了OWIN認證,我不認爲這是一個問題,因爲我的註冊工作非常好。我基本上已經關閉了this post(即切斷了大部分代碼)。「error」:來自自定義OWIN實現的「invalid_client」
我通過autofac還使用DI,所以我已經改變了一些東西四處依賴注入的SimpleAuthorizationServerProvider
的問題 我張貼到http://localhost/myappurl/token
grant_type =密碼,用戶名和密碼,我回來「錯誤 「:」 invalid_client」。當我嘗試調試時,我沒有得到任何效果,所以它可能在庫中失敗並且無法訪問我自己的代碼。有誰知道這是爲什麼?
請原諒冗長的代碼,我不知道問題出在哪裏,所以我發佈了所有我認爲相關的東西,如果有人需要查看更多代碼,請詢問。
SimpleAuthorizationServerProvider
public class SimpleAuthorizationServerProvider : OAuthAuthorizationServerProvider
{
private readonly IUserService _userService;
public SimpleAuthorizationServerProvider(IUserService userService)
{
_userService = userService;
}
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.Validated();
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
var authenticate = await _userService.FindUser(context.UserName, context.Password);
if (!authenticate)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("role", "user"));
context.Validated(identity);
}
}
啓動
public partial class Startup
{
public void ConfigureAuth(IAppBuilder app)
{
HttpConfiguration config = new HttpConfiguration();
ConfigureOAuth(app, (IOAuthAuthorizationServerProvider)config.DependencyResolver.GetService(typeof(IOAuthAuthorizationServerProvider)));
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
app.UseWebApi(config);
}
public void ConfigureOAuth(IAppBuilder app, IOAuthAuthorizationServerProvider provider)
{
OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(90),
Provider = provider,
ApplicationCanDisplayErrors=true,
};
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
IocConfig
public static class IocConfig
{
public static void Register(HttpConfiguration config)
{
var builder = new ContainerBuilder();
// Configure the container
// Register individual components
builder.Register(c => new MySQLContext()).As<IMySqlContext>().InstancePerRequest();
builder.RegisterType<SimpleAuthorizationServerProvider>().As<IOAuthAuthorizationServerProvider>();
builder.RegisterApiControllers(Assembly.GetExecutingAssembly());
var container = builder.Build();
config.DependencyResolver = new AutofacWebApiDependencyResolver(container);
}
}
您應該簡化您的代碼到http://stackoverflow.com/help/mcve。也許刪除Autofac DI的代碼,看看是否有什麼區別。否則很難說出問題的可能性。 – djikay
嗨,是的,你確實是對的@djikay,我刪除了所有DI的東西,我不再收到錯誤信息,我想知道爲什麼......但這是我要調查的一個。如果你能讓你的評論成爲答案,我會接受它。乾杯 –