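IdentityServer3 - The client application is not known or is not authorized

Time: 2016-08-02 18:32:26

Tags: identityserver3

I am setting up my client application port3g to authenticate with IdentityServer3.

I am getting the error message: The client application is not known or is not authorized. I think I have configured the client and the OAuth server client settings correctly. Does anyone see an error in either configuration?

Site: PORT3G startup..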

    public void ConfigureAuth(IAppBuilder app)
    {
        JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
        });
        //port3g_implicit


        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = "port3g_implicit",  
            Authority = "http://localhost:22710",  // Authorization Server
            RedirectUri = "http://localhost:28037/",  // Address of this website
            ResponseType = "id_token token ",  // Added token was not in original code
            Scope = "openid profile offline_access read appRoles",
            PostLogoutRedirectUri = "http://localhost:28037",
            SignInAsAuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
        });

    }

Site: Webhost.OAuth

// BEGIN PORT3G
            new Client
            {
                ClientId = "port3g_implicit",  
                ClientSecrets = new List<Secret>
                {
                    new Secret("secret".Sha256())
                },
                ClientName = "Port3G", 
                Flow = Flows.Implicit,
                AllowedScopes = new List<string>
                {
                    Constants.StandardScopes.OpenId,
                    Constants.StandardScopes.Profile,
                    Constants.StandardScopes.AllClaims,
                    "read",
                    "appRoles"
                },
                RedirectUris = new List<string>
                {
                    "http://localhost:28037/",
                    "http://localhost:28037/"
                },
                PostLogoutRedirectUris = new List<string>
                {
                    "http://localhost:28037/"
                },
                Enabled = true
            }
            // END PORT3G

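2 answers:

Answer 0: (score: 3)

Have you turned on IdentityServer logging? It can be very helpful in diagnosing these problems.

In this specific case, it is probably because you are asking for offline_access, which is not allowed with the implicit flow. Try removing that identifier from the string assigned to Scope. When you turn on logging, you will likely see the following line indicating this issue:

[Error] Requested scope not allowed: "offline_access"

Answer 1: (score: 1)

Your response type has a space at the end

 ResponseType = "id_token token ",  // Added token was not in original code

Remove it and try again. Also remove the offline_access scope.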
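
The two answers point at mismatches between what the relying party sends and what the client registration permits. The following stand-alone pre-flight check is an added example, not code from the question, the answers, or IdentityServer3; the class and method names are hypothetical, and "all_claims" is assumed to be the string behind Constants.StandardScopes.AllClaims.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added example: a stand-alone pre-flight check, not IdentityServer3 code.
static class AuthorizeRequestPreflight
{
    // Returns one message per mismatch between the client's request and its registration.
    public static List<string> Check(string responseType, string scope, string redirectUri,
        ISet<string> allowedScopes, ISet<string> redirectUris, bool implicitFlow)
    {
        var problems = new List<string>();

        // response_type is a space-delimited list; stray whitespace changes the literal value sent.
        if (responseType != responseType.Trim() || responseType.Contains("  "))
            problems.Add("response_type has stray whitespace: \"" + responseType + "\"");

        var requested = scope.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);
        foreach (var s in requested.Where(s => !allowedScopes.Contains(s)))
            problems.Add("scope not in AllowedScopes: \"" + s + "\"");

        // offline_access asks for a refresh token, which the implicit flow does not issue.
        if (implicitFlow && requested.Contains("offline_access"))
            problems.Add("offline_access requested with the implicit flow");

        // This check compares redirect URIs as exact strings, trailing slash included.
        if (!redirectUris.Contains(redirectUri))
            problems.Add("redirect_uri not registered: \"" + redirectUri + "\"");

        return problems;
    }

    static void Main()
    {
        // Values copied from the question; "all_claims" is an assumed constant value.
        var allowed = new HashSet<string> { "openid", "profile", "all_claims", "read", "appRoles" };
        var uris = new HashSet<string> { "http://localhost:28037/" };

        foreach (var p in Check("id_token token ", "openid profile offline_access read appRoles",
                                "http://localhost:28037/", allowed, uris, implicitFlow: true))
            Console.WriteLine(p);
    }
}
```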