IdentityServer3隐式流

时间:2016-02-11 13:39:14

标签: identityserver3

我虽然是最简单的隐式流量测试。使用嵌入式选项完成快速演示。不幸的是,它并没有完全发挥作用。我没有得到令牌。

我认为这是完成大部分工作的代码。

客户端

          new Client {

            RequireConsent = false,
            Enabled = true,
            ClientId = "implicitclient",
            ClientName = "Implicit Client",
            Flow = Flows.Implicit,
            RedirectUris = new List<string>
            {
                "https://localhost:44310/identityclaim"
            },

            AllowedScopes = new List<string> {
                Constants.StandardScopes.OpenId,
                Constants.StandardScopes.Profile,
                Constants.StandardScopes.Email,
                "test"
            },
        AccessTokenType = AccessTokenType.Jwt
        }
    };

范围

        var scopes = new List<Scope>
        {
            new Scope
            {
                Enabled = true,
                Name = "test",
                Description = "Test",
                Type = ScopeType.Resource
            }
        };

        scopes.AddRange(StandardScopes.All);

        return scopes;

用户

        new InMemoryUser
        {
            Username = "User",
            Password = "secret",
            Subject = "1",

        }

验证

        app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
        {
            Authority = "https://localhost:44309/context",
            RequiredScopes = new[] { "test" }
        });
        app.UseCors(CorsOptions.AllowAll);

        // web api configuration
        var config = new HttpConfiguration();
        config.MapHttpAttributeRoutes();

        app.UseWebApi(config);

设置

                    return builder.Map("/context",
                            app =>
                            {
                                app.UseIdentityServer(new IdentityServerOptions
                                {
                                    SiteName = "SiteName",
                                    SigningCertificate = CertLoader.Load(),
                                    Factory = new IdentityServerServiceFactory()
                                            .UseInMemoryClients(Clients.Get())
                                            .UseInMemoryScopes(Scopes.Get())
                                            .UseInMemoryUsers(Users.Get()),
                                    RequireSsl = true,
                                    LoggingOptions = new LoggingOptions { EnableHttpLogging = true,
                                                                          EnableWebApiDiagnostics = true}
                                });
                            });

当前状态

当我登录嵌入式IdentityServer3时,我看到了这一点。

 Client Application Permissions
 You have not given permission to any applications

当我在浏览器中尝试使用此URL以希望获得令牌时,我看到一个错误。 我仔细地将base64编码为所有内容。

       https://localhost:44309/context/connect/authorize?client_id=c2FtcGxlYXBpY2xpZW50=&redirect_uri=aHR0cHM6Ly9sb2NhbGhvc3Q6NDQzMTAvY2xhaW1z&response_type=dG9rZW4=&scope=b3BlbmlkIGVtYWlsIG15V2ViQXBp&state=abc&nonce=xyz


  The client application made an invalid request.

2 个答案:

答案 0 :(得分:1)

你可以在RedirectUris之后检查AllowedCorsOrigins,

同样在您的请求中url client_id看起来无效

[{
    "type": "line",
    "plotarea": {
        "adjust-layout": true
    },
    "scale-x": {
        "label": {
            "text": "échelle essence gazoile"
        },

        "labels": ["sub01", "sub02", "sub02"]
    },
    "series": [{
        "values": [1, 8, 1]
    }, {
        "values": [14, 13, 14]
    }],

    "name": "city A",
    "elements": [{
        "id": "c01",
        "name": "name1",
        "price": "15",
        "qte": "10"
    }, {
        "id": "c02",
        "name": "name2",
        "price": "18",
        "qte": "11"
    }, {
        "id": "c03",
        "name": "name3",
        "price": "11",
        "qte": "14"
    }],
    "subsities": [{
        "name": "sub A1",
        "elements": [{
            "id": "sub01",
            "name": "nameSub1",
            "price": "1",
            "qte": "14"
        }, {
            "id": "sub02",
            "name": "nameSub2",
            "price": "8",
            "qte": "13"
        }, {
            "id": "sub03",
            "name": "nameSub3",
            "price": "1",
            "qte": "14"
        }]
    }, {
        "name": "sub A2",
        "elements": [{
            "id": "ssub01",
            "name": "nameSsub1",
            "price": "1",
            "qte": "7"
        }, {
            "id": "ssub02",
            "name": "nameSsub2",
            "price": "8",
            "qte": "1"
        }, {
            "id": "ssub03",
            "name": "nameSsub3",
            "price": "4",
            "qte": "19"
        }]
    }, {
        "name": "sub A3",
        "elements": [{
            "id": "sssub01",
            "name": "nameSssub1",
            "price": "1",
            "qte": "11"
        }, {
            "id": "sssub02",
            "name": "nameSssub2",
            "price": "2",
            "qte": "15"
        }, {
            "id": "sssub03",
            "name": "nameSssub3",
            "price": "1",
            "qte": "15"
        }]
    }]
    }, {
    "name": "city B",
    "elements": [{
        "id": "cc01",
        "name": "name11",
        "price": "10",
        "qte": "11"
    }, {
        "id": "cc02",
        "name": "name22",
        "price": "14",
        "qte": "19"
    }, {
        "id": "cc03",
        "name": "name33",
        "price": "11",
        "qte": "18"
    }]
    }, {
    "name": "city C",
    "elements": [{
        "id": "ccc01",
        "name": "name111",
        "price": "19",
        "qte": "12"
    }, {
        "id": "ccc02",
        "name": "name222",
        "price": "18",
        "qte": "17"
    }, {
        "id": "ccc03",
        "name": "name333",
        "price": "10",
        "qte": "5"
    }]
}]

https://localhost:44309/context/connect/authorize?client_id=c2FtcGxlYXBpY2xpZW50=&redirect_uri=aHR0cHM6Ly9sb2NhbGhvc3Q6NDQzMTAvY2xhaW1z&response_type=dG9rZW4=&scope=b3BlbmlkIGVtYWlsIG15V2ViQXBp&state=abc&nonce=xyz

所以它应该在下面

https://localhost:44309/context/connect/authorize?client_id= implicitclient &安培; REDIRECT_URI = aHR0cHM6Ly9sb2NhbGhvc3Q6NDQzMTAvY2xhaW1z&安培; RESPONSE_TYPE = dG9rZW4 =安培;范围= b3BlbmlkIGVtYWlsIG15V2ViQXBp&安培;状态= ABC&安培;随机数= XYZ

答案 1 :(得分:1)