我可能无法正确理解如何使用Xamarin.Auth正确实现IdentityServer4。
基本上我在多个案例中使用Xamarin.Auth
说到案例1,我在从移动应用程序登录到Google / MS / FB后,我决定该做些什么:转到应用程序的主页面或注册用户,通过注册存储电子邮件作为用户名和userId(来自供应商的那个作为密码。
我已经使用AspNetIdentity实现了IdentityServer4
根据我的阅读,我需要实现混合身份验证,但问题在于它需要使用WebView,在案例1中不再需要它。 所以基本上我认为我需要使用授权流程但是尝试做任何一个都失败了。
https://localhost:44348/connect/authorize?
client_id=XamClient&
client_secret=secret&response_type=code+id_token&
scope=openid&
redirect_uri=https%3A%2F%2Flocalhost%3A44348%2Fxamarincallback&
nonce=7a8ff1c107e345a8b055a8232ec15545&
code_challenge=8Kk9RQ8NX6w3YzL0eU7AWQurWnikb9NS9bVwa5lxhhE&
code_challenge_method=S256&state=d3a7b6a511da413395b2552fb194af2f
我的问题是大多数示例都有一个MVC视图,它将此URL作为redirectURL获取,然后在客户端使用其用户名和密码提交POST后,我将获得AuthorizationCode,{{ 1}}和RefreshToken。
我真的不确定如何在我的情况下正确提交身份验证,使用什么?
我只能使用 - 隐含 - 授权码 - 这是我第一个场景的唯一合理选择吗? - 混合模式 - 全天尝试实现这一点,这是不可能的..
无论如何,在查看日志后,我看到一个突然可疑的重定向到帐户控制器(asp登录控制器)
IdentityToken从Git分析 {
"name": "Microsoft.ApplicationInsights.Dev.Request",
"time": "2017-09-12T11:26:56.5388249Z",
"tags": {
"ai.location.ip": "127.0.0.1",
"ai.internal.nodeName": "EDWARD",
"ai.operation.id": "152eb716-4ff8951dec6a1ed1",
"ai.internal.sdkVersion": "aspnet5c:2.1.1",
"ai.application.ver": "1.0.0.0",
"ai.operation.name": "GET /connect/authorize",
"ai.cloud.roleInstance": "EDWARD"
},
"data": {
"baseType": "RequestData",
"baseData": {
"ver": 2,
"id": "|152eb716-4ff8951dec6a1ed1.",
"name": "GET /connect/authorize",
"duration": "00:00:00.1530713",
"success": true,
"responseCode": "302",
"url": "https://localhost:44348/connect/authorize?client_id=AnonymousCheckerClient&client_secret=secret&response_type=code+id_token&scope=openid&redirect_uri=https:%2F%2Flocalhost:44348%2Fxamarincallback&nonce=af1427d39dc2463697047a834169fdcf&code_challenge=UUi0a9cfhrcGvzddV9eh0Lc8cdr5WE-ZwSzwbY7ReNQ&code_challenge_method=S256&state=aafde38b65044c35b83a1fcb8771de2e",
"properties": {
"httpMethod": "GET",
"AspNetCoreEnvironment": "Development",
"DeveloperMode": "true"
}
}
}
},
{
"name": "Microsoft.ApplicationInsights.Dev.Message",
"time": "2017-09-12T11:26:56.6993438Z",
"tags": {
"ai.location.ip": "127.0.0.1",
"ai.operation.parentId": "|152eb717-4ff8951dec6a1ed1.",
"ai.internal.nodeName": "EDWARD",
"ai.operation.id": "152eb717-4ff8951dec6a1ed1",
"ai.internal.sdkVersion": "aspnet5c:2.1.1",
"ai.application.ver": "1.0.0.0",
"ai.operation.name": "GET /account/login",
"ai.cloud.roleInstance": "EDWARD"
},
"data": {
"baseType": "MessageData",
"baseData": {
"ver": 2,
"message": "Request starting HTTP/1.1 GET http://localhost:44348/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DAnonymousCheckerClient%26client_secret%3Dsecret%26response_type%3Dcode%2520id_token%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Flocalhost%253A44348%252Fxamarincallback%26nonce%3Daf1427d39dc2463697047a834169fdcf%26code_challenge%3DUUi0a9cfhrcGvzddV9eh0Lc8cdr5WE-ZwSzwbY7ReNQ%26code_challenge_method%3DS256%26state%3Daafde38b65044c35b83a1fcb8771de2e",
"severityLevel": "Information",
"properties": {
"AspNetCoreEnvironment": "Development",
"Protocol": "HTTP/1.1",
"Host": "localhost:44348",
"QueryString": "?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DAnonymousCheckerClient%26client_secret%3Dsecret%26response_type%3Dcode%2520id_token%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Flocalhost%253A44348%252Fxamarincallback%26nonce%3Daf1427d39dc2463697047a834169fdcf%26code_challenge%3DUUi0a9cfhrcGvzddV9eh0Lc8cdr5WE-ZwSzwbY7ReNQ%26code_challenge_method%3DS256%26state%3Daafde38b65044c35b83a1fcb8771de2e",
"Scheme": "http",
"Path": "/account/login",
"DeveloperMode": "true",
"CategoryName": "Microsoft.AspNetCore.Hosting.Internal.WebHost",
"Method": "GET"
}
}
}
}
这个/授权端点只接受GET而没有用户/ pw。
编辑01: 我检查了这个资源,它让我对我的情景(1)...
感到困惑