我创建了具有asp.net标识的Identity server 4 RC 3以及内存客户端和范围。我创建了一个安全的api和一个mvc客户端。我试图从MVC客户端调用api,它运行良好。现在,我创建了一个Web表单客户端(asp.net 4.5)并在其中配置了opendidopetions,我试图从webform客户端调用api但是获得401,我看到当api被命中时,isauthenticated = false并且在api中Name为null user.claims。我试图记录错误,它说:“[信息]”承载“未经过身份验证。失败消息:”没有可用于令牌的SecurityTokenValidator:“。我的Web表单客户端有以下选项:
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
AuthenticationType = "oidc",
Authority = "http://localhost:5000",
ClientId = "mvcClient",
ClientSecret = "secret",
RedirectUri = "http://localhost:5002",
PostLogoutRedirectUri = "http://localhost:5002",
ResponseType = "code id_token token",
Scope = "openid profile NamfusAPI offline_access roles",
SignInAsAuthenticationType = "Cookies",
Notifications = new OpenIdConnectAuthenticationNotifications
{ ..... // code to authenitcate
这是api代码:
public IActionResult Get()
{
return new JsonResult(from c in User.Claims select new {c.Type, c.Value });
}
我看到声明为空,而user.isauthenticated为false