当我尝试对/connect/token端点执行HTTP / POST时,我得到一个带有以下堆栈跟踪的NullReferenceException:
在IdentityServer4.Hosting.AuthenticationHandler.AuthenticateAsync(AuthenticateContext) 上下文) 在Microsoft.AspNetCore.Http.Authentication.Internal.DefaultAuthenticationManager.d__12.MoveNext()
调试到IdentityServer4的源代码我发现,IHttpAuthenticationFeature HttpContext.Features null if(auth == null) IHttpAuthenticationFeature GetAuthentication()
{
var auth = _context.HttpContext.Features.Get<IHttpAuthenticationFeature>();
if (auth == null)
{
auth = new HttpAuthenticationFeature();
_context.HttpContext.Features.Set(auth);
}
return auth;
}
发生这种情况,因此代码属于{{1} case(参见源代码here):
Startup.ConfigureServices(...)我的services.AddTransient<IUserStore<IdentityUser>, CustomStore>
(
provider => new CustomStore
(
Configuration["company:data:legacy:connectionString"]
)
);
services.AddIdentity<IdentityUser, IdentityRole>()
.AddUserManager<IdentityUserManager>()
.AddDefaultTokenProviders();
services.AddIdentityServer()
.AddTemporarySigningCredential()
.AddInMemoryApiResources(IdentityConfig.GetApiResources())
.AddInMemoryClients(IdentityConfig.GetClients())
.AddAspNetIdentity<IdentityUser>();
如下所示:
{{1}}
我无法弄清楚我是否缺少某些服务注册或配置。
答案 0 :(得分:0)
看起来它无法在客户端上找到Cookie和OpenId身份验证处理程序。确保在您调用端点的Web客户端中正确添加了上述中间件配置。
app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
AuthenticationScheme = "Cookies"
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
AuthenticationScheme = "oidc",
SignInScheme = "Cookies",
Authority = "http://localhost:5000",
RequireHttpsMetadata = false,
ClientId = "mvc",
ClientSecret = "secret",
ResponseType = "code id_token",
Scope = { "api1", "offline_access" },
GetClaimsFromUserInfoEndpoint = true,
SaveTokens = true
});
更新请记住,如果您要求令牌(即使您通过邮递员这样做),您必须设置客户端,传递客户端ID和密码(取决于您的客户端配置)在您的请求中使用您从先前授权请求获得的经过验证的授权类型和代码。查看this