我正在ASP.Net MVC C#中开发一个依赖方,它应该在外部身份提供程序中进行身份验证,我使用的是Microsoft的owin库。我遇到的问题是Idp没有公开元数据端点,即使我没有在配置中指定它,当我尝试联系Idp时会抛出异常。
[InvalidOperationException:IDX10803:无法创建以获取 配置来自: ' https://domain.com/oidc/.well-known/openid-configuration'。]
我有以下代码段:
var options = new OpenIdConnectAuthenticationOptions();
options.AuthenticationType = authenticationType;
options.ClientId = clientConfiguration.ClientID;
options.ClientSecret = AppSettings.ClientSecret;
options.Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = n => ReceiveValidSecurityToken(n),
RedirectToIdentityProvider = n => ROSAddProtocolToken(n, clientConfiguration),
AuthenticationFailed = n => AuthenticationFailed(n),
};
options.Authority = AppSettings.Authority;
options.RedirectUri = clientConfiguration.GetPostLoginRedirectUri(clientConfiguration.CurrentCulture).ToString();
options.ResponseType = "code";
options.Scope = AppSettings.Scope;
options.ClientSecret = clientConfiguration.ClientSecret;
options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType;
我的问题是,如何在MS Owin lib(Authorization,Token,UserInfo,Jwls)中指定所有端点?
Idp期待以下设置: 范围:openid Http绑定:GET 响应类型:代码 令牌端点auth方法:client_secret_jwt
答案 0 :(得分:3)
好吧,几个小时后我想出了如何指定端点。
var options = new OpenIdConnectAuthenticationOptions();
options.Configuration = new OpenIdConnectConfiguration
{
AuthorizationEndpoint = AppSettings.Authority + "/" + AutorizationEndpointSufix,
JwksUri = AppSettings.Authority + "/" + JwksEndpointSufix,
TokenEndpoint = AppSettings.Authority + "/" + TokenEndpointSufix,
UserInfoEndpoint = AppSettings.Authority + "/" + UserInfoEndpointSufix,
Issuer = AppSettings.Authority
};
如果您实例化Configuration属性,那么它将忽略元数据。我设法从授权端点获得响应,只是想知道如何触发令牌端点,任何想法?