1. 首页
  2. 问答
  3. IdentityServer4中令牌端点的HTTP请求无效

IdentityServer4中令牌端点的HTTP请求无效

2017-02-17 55 views
0

在调试跟踪中使用IDS4时,日志只会给我一点点继续。我收到上述错误(令牌端点无效的HTTP请求),当我张贴像这样:IdentityServer4中令牌端点的HTTP请求无效

Request starting HTTP/1.1 POST http://localhost:5000/connect/token?grant_type=password&client_id=resClient&client_secret=TopSecret&username=admin&password=admin123

在客户端(网页浏览器)我只是得到

{ "error": "invalid_request" }

整个调试日志看起来像这样:

dbug: Microsoft.AspNetCore.Server.Kestrel[1] 
     Connection id "0HL2NGBR0Q1O4" started. 
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1] 
     Request starting HTTP/1.1 POST http://localhost:5000/connect/token?grant_type=password&client_id=resClient&client_secret=TopSecret&username=admin&password=admin123 0 
dbug: Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware[9] 
     AuthenticationScheme: idsrv was not authenticated. 
dbug: IdentityServer4.Hosting.EndpointRouter[0] 
     Request path /connect/token matched to endpoint type Token 
dbug: IdentityServer4.Hosting.EndpointRouter[0] 
     Mapping found for endpoint: Token, creating handler: IdentityServer4.Endpoints.TokenEndpoint 
info: IdentityServer4.Hosting.IdentityServerMiddleware[0] 
     Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token 
trce: IdentityServer4.Endpoints.TokenEndpoint[0] 
     Processing token request. 
warn: IdentityServer4.Endpoints.TokenEndpoint[0] 
     Invalid HTTP request for token endpoint 
trce: IdentityServer4.Hosting.IdentityServerMiddleware[0] 
     Invoking result: IdentityServer4.Endpoints.Results.TokenErrorResult 
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2] 
     Request finished in 348.2168ms 400 application/json 
dbug: Microsoft.AspNetCore.Server.Kestrel[9] 
     Connection id "0HL2NGBR0Q1O4" completed keep alive response.

我的代码很稀疏。这里的Startup.cs:

namespace IDServer4Test 
{ 
    public class Startup 
    { 
     public void ConfigureServices(IServiceCollection services) 
     { 

      services.AddIdentityServer() 
      .AddTemporarySigningCredential() 
      .AddInMemoryClients(Configurations.Clients.GetClients()) 
      .AddInMemoryApiResources(Configurations.Scopes.GetApiResources()); 
      services.AddTransient<IResourceOwnerPasswordValidator, Configurations.ResourceOwnerPasswordValidator>(); 
      services.AddTransient<IProfileService, Configurations.ProfileService>(); 
     } 

     public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) 
     { 
      loggerFactory.AddConsole(LogLevel.Trace); 

      app.UseIdentityServer(); 
     } 
    } 
}

Clients.cs:

public class Clients 
{ 
    public static IEnumerable<Client> GetClients() 
    { 
     return new List<Client> 
    { 
     new Client 
     { 
      ClientId = "resClient", 
      ClientSecrets = { new Secret("TopSecret".Sha256()) }, 

      AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials, 
      AllowedScopes = { "myAPI" } 
     } 
    }; 
    } 
}

而且Scopes.cs:

public class Scopes 
{ 
    public static IEnumerable<ApiResource> GetApiResources() 
    { 
     return new List<ApiResource> 
     { 
      new ApiResource("myAPI", "My API") 
     }; 
    } 
}

我要回去了从Id​​entityServer令牌响应,但只是不断到来回到这个错误。有任何想法吗?

来源

2017-02-17 Rafe

回答

2

这对令牌端点无效的HTTP请求;)

你检查规范? https://tools.ietf.org/html/rfc6749#section-4.3.2

参数在POST主体中传递。

请求在C#标记的最简单方法是使用IdentityModel客户端的lib https://github.com/IdentityModel/IdentityModel2

来源

2017-02-18 13:25:56 leastprivilege

+0

根据RFC,我需要的是grant_type,用户名和密码。范围是可选的。无论如何,用这些参数调整请求仍然不能解决问题。我在想我错过了一些代码。也许IdentityModel库有我需要的,但我对这种技术很陌生,所以我很难弄清楚如何整合它。 – Rafe

+1

是的。但作为表单发布。不作为查询字符串参数。 – leastprivilege

+0

我需要能够做到这一点,没有一个Web窗体的查询。你是说我用错误的方法来达到我追求的结果吗? – Rafe

0

您不包括scope您需要在发布帖子时使用代币。包括&scope=myAPI在您的请求,我认为您的请求将是有效的。

来源

2017-02-18 11:51:50 Mashton

+0

感谢@Mashton我试过了,但仍然没有喜悦。 – Rafe

相关问题

 相关问题