无法请求令牌,请求字段为空
Hon*_*fus 4 jwt asp.net-core openiddict
我正在尝试为 SPA 创建 API。我正在使用最新的 .NET Core、MVC 和 EF。我想使用 JWT 对用户进行身份验证,因此我决定使用 openiddict 核心。我尝试根据github 页面和这篇博客文章中的示例进行设置。问题是我收到“不支持指定的授权类型”。当请求令牌时。
Here's screenshot of postman request:
Here's my ConfigureServices method:
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);
services.AddMvc();
services.AddDbContext<ApplicationDbContext>(
options => options.UseSqlServer(Configuration["Data:DefaultConnection:ConnectionString"])
);
services.AddIdentity<ApplicationUser, ApplicationRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddOpenIddict<ApplicationDbContext>()
.UseJsonWebTokens()
.EnableTokenEndpoint("/connect/token")
.AllowPasswordFlow()
.DisableHttpsRequirement() // TODO: remove in production
.AddEphemeralSigningKey(); // TODO: replace with a certificate, this should be used for development only
}
And the Configure method:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseApplicationInsightsRequestTelemetry();
app.UseApplicationInsightsExceptionTelemetry();
// don't use identity as this is a wrapper for using cookies, not needed
// app.UseIdentity();
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true,
RequireHttpsMetadata = false, // TODO: remove, dev only
Audience = "http://localhost:42443/", // TODO: ???
Authority = "http://localhost:42443/" // TODO: ???
});
app.UseOpenIddict();
app.UseMvcWithDefaultRoute();
}
I'm using the AuthorizationController from the samples to handle the token requests. By observing the contents of the request argument of the Exchange method, which handles the /connect/token requests, I've discovered that it receives all the fields as nulls:
I have no idea why. The postman request should be correct according to this and this blog post. Where is the problem?
如示例中所述,您必须注册 OpenIddict MVC 模型绑定器才能用作OpenIdConnectRequest操作参数。
引用该OpenIddict.Mvc包并调用AddMvcBinders,它应该可以工作:
services.AddOpenIddict<ApplicationDbContext>()
// Register the ASP.NET Core MVC binder used by OpenIddict.
// Note: if you don't call this method, you won't be able to
// bind OpenIdConnectRequest or OpenIdConnectResponse parameters.
.AddMvcBinders()
...
| 归档时间: |
|
| 查看次数: |
392 次 |
| 最近记录: |