我一直在尝试使用IdentityServer4进行身份验证时收到错误。我已经查看了这个问题的一些资源,但所有这些都与我的问题无关。
我正在向https://localhost:44377/signin-oidc
发出json请求,但这是从AspCore身份验证DLL记录的内容
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectMiddleware:信息:来自RemoteAuthentication的错误:OpenIdConnectAuthenticationHandler:message.State为null或为空..
我的Startup.cs配置如下所示:
services.AddIdentityServer()
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients())
.AddTestUsers(Config.GetTestUsers())
.AddTemporarySigningCredential();
app.UseIdentityServer();
app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationScheme = "cookie" });
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
ClientId = "openIdConnectClient",
Authority = "https://localhost:44377/",
SignInScheme = "cookie",
TokenValidationParameters = new TokenValidationParameters
{
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("clientpassword"))
},
CallbackPath = "/signin-oidc"
});
我尝试访问的客户端看起来像这样
new Client
{
ClientId = "openIdConnectClient",
ClientName = "Example Implicit Client Application",
AllowedGrantTypes = GrantTypes.Implicit,
AllowedScopes = new List<string>
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
"role",
"customAPI"
},
ClientSecrets = new List<Secret> {
new Secret("superSecretPassword".Sha256())},
RedirectUris = new List<string> {"https://localhost:44377/signin-oidc"},
PostLogoutRedirectUris = new List<string> {"https://localhost:44377"}
}
答案 0 :(得分:0)
我认为您需要将AuthenticationScheme = "oidc"
置于app.UseOpenIdConnectAuthentication
下。
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
AuthenticationScheme = "oidc"
ClientId = "openIdConnectClient",
Authority = "https://localhost:44377/",
SignInScheme = "cookie",
TokenValidationParameters = new TokenValidationParameters
{
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("clientpassword"))
},
CallbackPath = "/signin-oidc"
});