带有IdentityServer 3的CustomGrantValidator不支持的授权类型

时间:2017-06-05 16:41:41

标签: identityserver3

我正在尝试设置IdentityServer解决方案以接受自定义的Grant Validator。我们的API项目由UI访问,使用密码身份验证(正在运行),现在使用第三方身份验证的UI。

在我们的API中,我设置了IdentityServer,如下所示:

Startup.cs

public void Configuration(IAppBuilder app)
    {
        var factory = new IdentityServerServiceFactory()
            .UseInMemoryClients(Clients.Get())
            .UseInMemoryScopes(Scopes.Get());

        var userService = new IdentityUserService();
        factory.UserService = new Registration<IUserService>(resolver => userService);
        factory.CustomGrantValidators.Add(
            new Registration<ICustomGrantValidator, MyGrantValidator>());

        var options = new IdentityServerOptions
        {
            SiteName = "My App Name",
            SigningCertificate = Certificate.Get(),
            Factory = factory
        };

        app.Map("/identity", identityServerApp =>
        {
            identityServerApp.UseIdentityServer(options);
        });
}

MyGrantValidator.cs:

public class MyGrantValidator : ICustomGrantValidator
{
    public async Task<CustomGrantValidationResult> ValidateAsync(ValidatedTokenRequest request)
    {
        // For now I just want a basic response. More logic will come later.
        var authResult = new AuthenticateResult(
            subject: "1234", // user.AccountId.ToString(),
            name: "bob" //context.UserName
        );
        var grantResult = new CustomGrantValidationResult
        {
            IsError = authResult.IsError,
            Error = authResult.ErrorMessage,
            ErrorDescription = authResult.ErrorMessage,
            Principal = authResult.User
        };
        return await Task.FromResult(grantResult);
    }

    public string GrantType => "myGrantType";
}

在我的界面中,我设置了这样一个客户端:

        var owinContext = HttpContext.GetOwinContext();
        var token = owinContext.Authentication.User.FindFirst(c => c.Type == "myToken")?.Value;
        var tokenId = owinContext.Authentication.User.FindFirst(c => c.Type == ClaimTypes.Sid)?.Value;

        var client = new TokenClient(
            ConfigurationManager.AppSettings["IdentityServerBaseUrl"] + "/connect/token",
            "MyUser",
            ConfigurationManager.AppSettings["MyClientSecret"], 
            AuthenticationStyle.Custom
        );            

        var tokenResponse = client.RequestCustomGrantAsync(
            "myGrantType",
            "read write",
            new Dictionary<string, string>
            {
                { "token", token },
                { "tokenId", tokenId }
            }
        ).Result;

        return Redirect(returnUrl);

当触发请求时,我得到:unsupported_grant_type

我错过了什么?

1 个答案:

答案 0 :(得分:1)

您正在使用名为&#34; MyUser&#34; (客户端的奇怪名称,但确定)。该客户端是否已注册为内存客户端之一,其授权类型设置为&#34; custom&#34;?