IdentityServer4 IsValidReturnUrl为有效URL返回false

时间:2017-04-12 10:50:48

标签: identityserver4

我有一个使用此客户端配置的测试项目:

public class Clients : IClientStore
    {
        public Task<Client> FindClientByIdAsync(string clientId)
        {
            return Task.FromResult(new Client
            {
                ClientId = "client.webforms",
                ClientName = "WebForms Client",
                AllowedGrantTypes = GrantTypes.Hybrid,
                AllowAccessTokensViaBrowser = false,

                ClientSecrets =
                    {
                        new Secret("1234".Sha256())
                    },

                RedirectUris = { "http://localhost:9869/signin-oidc" },
                PostLogoutRedirectUris = { "http://localhost:9869/" },

                AllowedScopes =
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        CstIdSrvScopeTypes.TestWebForms
                    },
                AllowOfflineAccess = false,
                RequireConsent = false,

                AlwaysIncludeUserClaimsInIdToken = true
            });
        }
    }

当我尝试在LoginController中验证它时,我得到false结果(这是来自立即窗口:

returnUrl
"http://localhost:9869/signin-oidc"
this.identityServer.IsValidReturnUrl(returnUrl)
false

同样this.identityServer.GetAuthorizationContextAsync(returnUrl)结果为null。我做错了吗?

1 个答案:

答案 0 :(得分:2)

是的 - 当您配置客户端时,您需要添加一个RedirectUri,该客户端是您上面列表中的RedirectUris之一。

喜欢的东西 #

app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            SignInAsAuthenticationType = Settings.AuthenticationType,
            Authority = config.Authority,
            RedirectUri = config.RedirectUri
        }