无法请求令牌,请求字段为空

时间:2016-10-22 18:57:21

标签: asp.net-core jwt openiddict

我正在尝试为SPA创建API。我正在使用最新的.NET Core,MVC和EF。我想使用JWT对用户进行身份验证,因此我决定使用openiddict核心。我已尝试根据github pagethis blog post上的示例进行设置。问题是我得到“不支持指定的授权类型”。请求令牌时。

这是postman请求的截图: Postman request

这是我的ConfigureServices方法:

public void ConfigureServices(IServiceCollection services)
{
    // Add framework services.
    services.AddApplicationInsightsTelemetry(Configuration);

    services.AddMvc();

    services.AddDbContext<ApplicationDbContext>(
        options => options.UseSqlServer(Configuration["Data:DefaultConnection:ConnectionString"])
    );

    services.AddIdentity<ApplicationUser, ApplicationRole>()
        .AddEntityFrameworkStores<ApplicationDbContext>()
        .AddDefaultTokenProviders();

    services.AddOpenIddict<ApplicationDbContext>()
        .UseJsonWebTokens()
        .EnableTokenEndpoint("/connect/token")
        .AllowPasswordFlow()
        .DisableHttpsRequirement()  // TODO: remove in production
        .AddEphemeralSigningKey();  // TODO: replace with a certificate, this should be used for development only
}

Configure方法:

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    app.UseApplicationInsightsRequestTelemetry();

    app.UseApplicationInsightsExceptionTelemetry();

    // don't use identity as this is a wrapper for using cookies, not needed
    // app.UseIdentity();

    app.UseJwtBearerAuthentication(new JwtBearerOptions
    {
        AutomaticAuthenticate = true,
        AutomaticChallenge = true,
        RequireHttpsMetadata = false,  // TODO: remove, dev only
        Audience = "http://localhost:42443/",  // TODO: ???
        Authority = "http://localhost:42443/"  // TODO: ???
    });

    app.UseOpenIddict();

    app.UseMvcWithDefaultRoute();
}

我正在使用示例中的AuthorizationController来处理令牌请求。通过观察处理request请求的Exchange方法的/connect/token参数的内容,我发现它接收所有字段为空: Debugger

我不知道为什么。根据{{​​3}}和this博文,邮递员请求应该是正确的。问题在哪里?

1 个答案:

答案 0 :(得分:4)

作为mentioned in the samples,您必须注册OpenIddict MVC模型绑定器才能使用OpenIdConnectRequest作为操作参数。

引用OpenIddict.Mvc包并致电AddMvcBinders,它应该有效:

services.AddOpenIddict<ApplicationDbContext>()
    // Register the ASP.NET Core MVC binder used by OpenIddict.
    // Note: if you don't call this method, you won't be able to
    // bind OpenIdConnectRequest or OpenIdConnectResponse parameters.
    .AddMvcBinders()

...
相关问题
最新问题