我创建了一个IdentityServer,可以通过将ClientId和ClientSecret传递到令牌端点
My IndetityServer设置在
之下var certFile = env.ApplicationBasePath + $"{Path.DirectorySeparatorChar}idsrv3test.pfx";
var options = new IdentityServerOptions
{
Factory = new IdentityServerServiceFactory()
.UseInMemoryClients(Client.Get())
.UseInMemoryScopes(Scope.Get())
.UseInMemoryUsers(User.Get()),
SigningCertificate = new X509Certificate2(certFile, "idsrv3test"),
RequireSsl = false
};
app.UseIdentityServer(options);
当我调用受保护的MVC 6 Web API时,我得到了一个
没有可用于令牌的SecurityTokenValidator: c7f2c3890d83a454fcb504cb96c75fe7
以下是我的API Startup.cs中的设置
app.UseJwtBearerAuthentication(options =>
{
options.Authority = $@"{tokenServiceUrl}";
options.Audience = $@"{tokenServiceUrl}/resources";
options.AutomaticAuthenticate = true;
options.RequireHttpsMetadata = false;
});
我确保此设置在app.UseMvc()调用之前完成。还有什么我必须做的吗?
答案 0 :(得分:0)
运行
从包管理器控制台安装-包 IdentityServer3.AccessTokenValidation.Integration.AspNet -Pre
安装API的集成包。然后将以下代码添加到API的Startup.cs类的Configure方法
app.UseIdentityServerBearerTokenAuthentication
(
new IdentityServerBearerTokenAuthenticationOptions
{
Authority = tokenServiceUrl,
ValidationMode = ValidationMode.ValidationEndpoint,
RequiredScopes = new[] { "SomeScope" }
}
);