我们正在使用EntityFrameworkCore与Identity Server4.初始设置后,身份server(localhost:6000/.well-known/openid-configuration)的发现端点工作正常.当我们尝试connect/token从邮递员调用端点时,它会给出400个错误的请求响应.这是我们的客户:
public static IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientId = "client",
// no interactive user, use the clientid/secret for authentication
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
// secret for authentication
ClientSecrets =
{
new Secret("secret".Sha256())
},
// scopes that client has access to
AllowedScopes = { ApiResourceName.Sup_Api.Description() }
},
new Client
{
ClientId = "client2",
// no interactive user, use the clientid/secret for authentication
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
// secret for authentication
ClientSecrets =
{
new Secret("secret".Sha256())
},
// scopes that client has access to
AllowedScopes = { "sup"}
}
};
}
这是postman连接/令牌发布请求:
http://localhost:6000/connect/token
?client_id=client2
&client_secret=secret
&grant_type=client_credentials
&scope=sup
响应:
{
"error": "invalid_request"
}
您不通过查询字符串传递参数.它的意思是在体内,使用内容类型application/x-www-form-urlencoded.
请参阅:https://tools.ietf.org/html/rfc6749#section-4.1.3
| 归档时间: |
|
| 查看次数: |
3787 次 |
| 最近记录: |