我搜索并发现了一些内容但没有完整的文档here。
有人可以给我一步一步的解释吗?
我已经对IdentityServer3进行了良好配置,并确认我可以通过浏览器访问IdentityManager并完美地管理用户。现在,我需要管理用户,但需要另一个自定义应用程序。所以我需要:
通过自定义应用
通过Idm API管理用户。
我使用了“ResourceOwner”授权并使用“idmgr”范围来获取访问令牌:https://localhost:44376/ids/connect/token。
但是当我使用该令牌访问https://localhost:44376/idm/api/users?count=10&start=0时,我收到了消息"Authorization has been denied for this request."
答案 0 :(得分:0)
var client = new HttpClient();
var dic = new Dictionary<string, string>();
dic.Add("client_id", "mvc");
dic.Add("client_secret", "secret");
dic.Add("grant_type", "password");
dic.Add("scope", "openid profile");
dic.Add("username", "yazan@catec.ae");
dic.Add("password", "P@ssword1");
var content = new FormUrlEncodedContent(dic);
var msg = client.PostAsync("https://localhost:44383/identity/connect/token", content).Result.Content.ReadAsStringAsync().Result;
string token = Newtonsoft.Json.JsonConvert.DeserializeObject<dynamic>(msg).access_token;
var jwt = new JwtSecurityToken(token);
var identity = new ClaimsIdentity("ApplicationCookie", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
foreach (var c in jwt.Claims)
{
var t = c.Type;
var v = c.Value;
identity.AddClaim(new Claim(t, v));
}
IAuthenticationManager authenticationManager = HttpContext.GetOwinContext().Authentication;
authenticationManager.SignOut("ApplicationCookie");
authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, identity);
return Redirect("Index");