我在我的 Asp.net core API 应用程序中使用身份服务器 4,我在本地服务器
https://localhost:[port]/connect/token上获得成功的令牌
,它提供访问令牌,当我使用不记名令牌访问时授权方法然后它工作正常
,但在服务器
https://example.com/connect/token它也给出成功的令牌,但是当我使用此令牌访问授权方法时,它给出401 未经授权的错误
"Authority": "https://example.com",
"Audience": "https://example.com/resources",
"RequireHttpsMetadata": "true"
services.AddIdentityServer(options =>
{
options.Events.RaiseErrorEvents = true;
options.Events.RaiseInformationEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseSuccessEvents = true;
})
.AddDeveloperSigningCredential()
.AddInMemoryPersistedGrants()
.AddInMemoryIdentityResources(GetIdentityResources())
.AddInMemoryApiResources(GetApiResources())
.AddInMemoryClients(GetClients())
.AddAspNetIdentity<User>();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.Authority = configuration["AppSettings:Authority"];
options.Audience = configuration["AppSettings:Audience"];
options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AppSettings:RequireHttpsMetadata"]);
});
services.AddTransient<IProfileService, IdentityClaimsProfileService>();
public static IEnumerable<IdentityResource> GetIdentityResources()
{
return new List<IdentityResource>
{ …unauthorized authorize-attribute bearer-token identityserver4 asp.net-core-webapi