IdentityServer4中令牌端点的HTTP请求无效

Question

IdentityServer4中令牌端点的HTTP请求无效

Raf*_*afe 2 c# token endpoint identityserver4

使用IDS4和调试跟踪,日志只给我一点点继续.我发布时遇到上述错误(令牌端点的无效HTTP请求):

Request starting HTTP/1.1 POST http://localhost:5000/connect/token?grant_type=password&client_id=resClient&client_secret=TopSecret&username=admin&password=admin123

Run Code Online (Sandbox Code Playgroud)

在客户端(Web浏览器)我得到

{ "error": "invalid_request" }

Run Code Online (Sandbox Code Playgroud)

整个调试日志如下所示:

dbug: Microsoft.AspNetCore.Server.Kestrel[1]
      Connection id "0HL2NGBR0Q1O4" started.
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
      Request starting HTTP/1.1 POST http://localhost:5000/connect/token?grant_type=password&client_id=resClient&client_secret=TopSecret&username=admin&password=admin123  0
dbug: Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware[9]
      AuthenticationScheme: idsrv was not authenticated.
dbug: IdentityServer4.Hosting.EndpointRouter[0]
      Request path /connect/token matched to endpoint type Token
dbug: IdentityServer4.Hosting.EndpointRouter[0]
      Mapping found for endpoint: Token, creating handler: IdentityServer4.Endpoints.TokenEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
      Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
trce: IdentityServer4.Endpoints.TokenEndpoint[0]
      Processing token request.
warn: IdentityServer4.Endpoints.TokenEndpoint[0]
      Invalid HTTP request for token endpoint
trce: IdentityServer4.Hosting.IdentityServerMiddleware[0]
      Invoking result: IdentityServer4.Endpoints.Results.TokenErrorResult
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
      Request finished in 348.2168ms 400 application/json
dbug: Microsoft.AspNetCore.Server.Kestrel[9]
      Connection id "0HL2NGBR0Q1O4" completed keep alive response.

Run Code Online (Sandbox Code Playgroud)

我的代码很稀疏.这是Startup.cs:

namespace IDServer4Test
{
    public class Startup
    {
        public void ConfigureServices(IServiceCollection services)
        {

            services.AddIdentityServer()
            .AddTemporarySigningCredential()
            .AddInMemoryClients(Configurations.Clients.GetClients())
            .AddInMemoryApiResources(Configurations.Scopes.GetApiResources());
            services.AddTransient<IResourceOwnerPasswordValidator, Configurations.ResourceOwnerPasswordValidator>();
            services.AddTransient<IProfileService, Configurations.ProfileService>();
        }

        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddConsole(LogLevel.Trace);

            app.UseIdentityServer();
        }
    }
}

Run Code Online (Sandbox Code Playgroud)

Clients.cs:

public class Clients
{
    public static IEnumerable<Client> GetClients()
    {
        return new List<Client>
    {
        new Client
        {
            ClientId = "resClient",
            ClientSecrets = { new Secret("TopSecret".Sha256()) },

            AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials,
            AllowedScopes = { "myAPI" }
        }
    };
    }
}

Run Code Online (Sandbox Code Playgroud)

和Scopes.cs:

public class Scopes
{
    public static IEnumerable<ApiResource> GetApiResources()
    {
        return new List<ApiResource>
        {
            new ApiResource("myAPI", "My API")
        };
    }
}

Run Code Online (Sandbox Code Playgroud)

我应该从IdentityServer回来一个令牌响应,但只是不断回来这个错误.有任何想法吗？

Answer 1

lea*_*ege 6

这是令牌端点的无效HTTP请求;)

你检查了规格吗？ https://tools.ietf.org/html/rfc6749#section-4.3.2

参数在POST正文中传递.

在C#中请求令牌的最简单方法是使用IdentityModel客户端库 https://github.com/IdentityModel/IdentityModel2

是的。但作为一个表格帖子。不作为查询字符串参数。 (2认同)
好的，将帖子更改为使用 x-www-form-urlencoded 使其成功发布。不幸的是，现在我有一个“invalid_client”。猜猜这可能完全是另一个问题。谢谢你的帮助！ (2认同)

归档时间：	8 年，9 月前
查看次数：	5164 次
最近记录：	8 年，9 月前