Using POSTMAN, I'm struggling to retrieve my Identity Server 3 token.
The error code is: 400 Bad Request
Here are the details:
POST /identity/connect/token HTTP/1.1
Host: localhost:44358
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Postman-Token: 57fc7aef-0006-81b2-8bf8-8d46b77d21d1

username=MYUSER-ID&password=MY-PASSWORD&grant_type=password&client_id=rzrwebguiangulajsclient&client_secret=myclientsecret&{{1 }}=https://localhost:44331/callback
I did something similar with a simple Visual Studio 2015 WebApi project, where the endpoint was redirect_uri.
Any guidance/suggestions appreciated......
Regards, Bob
Answer 0 (score: 8)
The minimum required for a resource owner OAuth request is the following (line breaks added for readability):
POST /connect/token
Headers
Content-Type: application/x-www-form-urlencoded
Body
username=MYUSER-ID
&password=MY-PASSWORD
&grant_type=password
&client_id=rzrwebguiangulajsclient
&client_secret=myclientsecret
&scope=api
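You are not requesting a scope in your request. Otherwise, it is probably a problem with the configuration of your client in Identity Server.
Your best bet is to enable logging and see what is returned when this request errors.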
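Answer 1 (score: 1)
I'm happy to say we got Postman working.
It turns out I was already very close to getting Postman to authorize with Identity Server 3.
The final piece of the solution was setting the Postman client Flow to Flow = Flows.ClientCredentials (see the postmantestclient client definition below):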
using System.Collections.Generic;
using IdentityServer3.Core.Models;

namespace MyWebApi.MyIdentityServer.Config
{
    public static class Clients
    {
        public static IEnumerable<Client> Get()
        {
            return new[]
            {
                new Client
                {
                    ClientId = MyConstants.MyIdentityServer.MyWebGuiClientId,
                    ClientName = "My Web Gui Client",
                    Flow = Flows.Implicit,
                    AllowAccessToAllScopes = true,
                    IdentityTokenLifetime = 300,
                    AccessTokenLifetime = 300, //5 minutes
                    RequireConsent = false,
                    // redirect = URI of the Angular application
                    RedirectUris = new List<string>
                    {
                        MyConstants.MyIdentityServer.MyWebGuiUri + "callback.html",
                        // for silent refresh
                        MyConstants.MyIdentityServer.MyWebGuiUri + "silentrefreshframe.html"
                    },
                    PostLogoutRedirectUris = new List<string>()
                    {
                        MyConstants.MyIdentityServer.MyWebGuiUri + "index.html"
                    }
                },
                new Client
                {
                    ClientId = MyConstants.MyIdentityServer.SwaggerClientId,
                    ClientName = "Swagger Client",
                    Flow = Flows.Implicit,
                    AllowAccessToAllScopes = true,
                    IdentityTokenLifetime = 300,
                    AccessTokenLifetime = 300,
                    RequireConsent = false,
                    // redirect = URI of the Angular application
                    RedirectUris = new List<string>
                    {
                        "https://localhost:44358/swagger/ui/o2c-html"
                    }
                },
                new Client
                {
                    ClientId = "postmantestclient",
                    ClientName = "Postman http test client",
                    Flow = Flows.ClientCredentials,
                    AllowAccessToAllScopes = true,
                    IdentityTokenLifetime = 300,
                    AccessTokenLifetime = 300, //5 minutes
                    RequireConsent = false,
                    ClientSecrets = new List<Secret>
                    {
                        new Secret("PostmanSecret".Sha256())
                    },
                    RedirectUris = new List<string>()
                    {
                        "https://www.getpostman.com/oauth2/callback"
                    }
                }
            };
        }
    }
}
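A pre-flight check for the token request bodies discussed in both answers, written in Python as an added example (not code from the original posts or from IdentityServer3). It flags parameters missing from Answer 0's minimum list and a grant_type that does not match the client's configured Flow, the point of Answer 1. The flow-to-grant mapping, the registry contents and the name check_token_request are assumptions of this example.

```python
from urllib.parse import parse_qs

# Parameters required per grant type. The "password" row is the minimum listed
# in Answer 0; the "client_credentials" row is an assumption of this example.
REQUIRED = {
    "password": {"username", "password", "client_id", "client_secret", "scope"},
    "client_credentials": {"client_id", "client_secret", "scope"},
}

# IdentityServer3 Flow value -> grant_type usable at /connect/token.
# Implicit clients obtain tokens from the authorize endpoint instead (None).
FLOW_GRANT = {"ResourceOwner": "password", "Implicit": None,
              "ClientCredentials": "client_credentials"}

# Constructed registry mirroring the Flow values in Answer 1. Treating
# rzrwebguiangulajsclient as the Implicit web GUI client is an assumption.
CLIENT_FLOWS = {
    "rzrwebguiangulajsclient": "Implicit",
    "postmantestclient": "ClientCredentials",
}

# Constructed sample bodies: the question's request (without its final,
# elided parameter) and a request matching the postmantestclient definition.
QUESTION_BODY = ("username=MYUSER-ID&password=MY-PASSWORD&grant_type=password"
                 "&client_id=rzrwebguiangulajsclient&client_secret=myclientsecret")
FIXED_BODY = ("grant_type=client_credentials&client_id=postmantestclient"
              "&client_secret=PostmanSecret&scope=api")

def check_token_request(body, client_flows=CLIENT_FLOWS):
    """Return the problems found in a form-encoded token request body."""
    params = {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}
    grant = params.get("grant_type")
    if grant not in REQUIRED:
        return [f"unsupported or missing grant_type: {grant!r}"]
    problems = []
    missing = sorted(p for p in REQUIRED[grant] if not params.get(p))
    if missing:
        problems.append("missing parameters: " + ", ".join(missing))
    flow = client_flows.get(params.get("client_id"))
    if flow is None:
        problems.append("client_id is not a registered client")
    elif FLOW_GRANT.get(flow) != grant:
        problems.append(f"client flow {flow} does not allow grant_type={grant}")
    return problems

if __name__ == "__main__":
    for name, body in (("question", QUESTION_BODY), ("fixed", FIXED_BODY)):
        print(name, check_token_request(body) or "ok")
```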