.NET Core IdentityServer4:oidc 方案的身份验证处理程序

时间:2018-02-20 10:44:26

标签: asp.net-core-mvc identityserver4 oidc

我在身份验证时遇到问题:尝试连接到 IdentityServer 时会抛出错误。直接在 IdentityServer 上登录可以成功,但从我的 Web 应用程序连接到 IdentityServer 时,会抛出以下错误。

有人能看出我哪里做错了吗?

错误:“没有配置身份验证处理程序来处理该方案:oidc”

我在我的网站Startup.cs中使用以下代码

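        // Keep claim types exactly as the identity provider issues them by
        // clearing the JWT handler's default inbound claim-type mapping.
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

        services.AddAuthentication(options =>
        {
            // The local session lives in a cookie; unauthenticated requests are
            // challenged through the OpenID Connect handler.
            options.DefaultScheme =
                CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme =
                OpenIdConnectDefaults.AuthenticationScheme;
        })
        .AddCookie()
        // NOTE(review): no scheme name is passed here, so the handler is registered
        // under OpenIdConnectDefaults.AuthenticationScheme. Any code elsewhere that
        // challenges or signs out with the literal "oidc" has to use that same name,
        // or this call has to be given the name "oidc" explicitly.
        .AddOpenIdConnect(options =>
        {
            options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.Authority = "http://localhost:5000"; // Auth Server

            // Development only: with this disabled, discovery metadata is fetched
            // over plain HTTP. Use an https authority and drop this line outside
            // local testing.
            options.RequireHttpsMetadata = false;

            options.ClientId = "mvc"; // client setup in Auth Server

            // The client presents the shared secret as-is. The authorization server
            // keeps only the Sha256() of it in its client registration, so hashing
            // the value here as well means the two can never match. Keep the secret
            // itself in configuration that is not committed to source control.
            options.ClientSecret = Configuration["Identity_Server:Client_Secret"];

            options.ResponseType = "code id_token"; // means Hybrid flow
            options.Scope.Add("API1");
            options.GetClaimsFromUserInfoEndpoint = true;

            // Stores the issued tokens in the authentication cookie's properties.
            options.SaveTokens = true;
        });

        services.AddMvc();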

我在Identity Startup.cs中使用以下内容

        // Database context backed by MySQL; the connection string named "MySQL"
        // comes from configuration.
        services.AddDbContext<DbContext>(dbOptions =>
        {
            dbOptions.UseMySQL(Configuration.GetConnectionString("MySQL"));
        });

        // ASP.NET Identity user/role stores on top of the same context.
        var identityBuilder = services.AddIdentity<ApplicationUser, IdentityRole>();
        identityBuilder.AddEntityFrameworkStores<DbContext>();
        identityBuilder.AddDefaultTokenProviders();

        // Add application services.
        services.AddTransient<IEmailSender, EmailSender>();

        var config = new Config(Configuration);
        var identityServerBuilder = services.AddIdentityServer();

        // Developer signing key persisted to tempkey.rsa: suitable for local
        // testing only. A production host should load a managed signing key or
        // certificate instead (for example through AddSigningCredential).
        identityServerBuilder.AddDeveloperSigningCredential(filename: "tempkey.rsa");

        // Resources and clients are served from the in-memory definitions in Config.
        identityServerBuilder.AddInMemoryIdentityResources(config.GetIdentityResources());
        identityServerBuilder.AddInMemoryApiResources(config.GetApiResources());
        identityServerBuilder.AddInMemoryClients(config.GetClients());
        identityServerBuilder.AddAspNetIdentity<ApplicationUser>();

        services.AddMvc();

我在配置文件中使用以下内容

    // Configuration the client definitions read their secret from.
    // NOTE(review): the field is static but is assigned by the instance
    // constructor, so each new Config replaces the value for every instance.
    private static IConfiguration _config;

    /// <summary>Stores the application configuration for later lookups.</summary>
    /// <param name="configuration">Configuration source assigned to the shared field.</param>
    public Config(IConfiguration configuration) => _config = configuration;

    /// <summary>
    /// Builds the client registrations: a single "mvc" client that uses the hybrid flow.
    /// </summary>
    /// <returns>A list holding the one client definition.</returns>
    public IEnumerable<Client> GetClients()
    {
        // Only the SHA-256 hash of the configured value is registered; the client
        // application has to present the plain value that produces this hash.
        var sharedSecret = new Secret(_config["secret"].Sha256());

        var mvcClient = new Client
        {
            ClientId = "mvc",
            ClientName = "MVC Client",
            AllowedGrantTypes = GrantTypes.Hybrid,

            // The consent screen is skipped for this client.
            RequireConsent = false,

            ClientSecrets = { sharedSecret },

            // Plain-http localhost callbacks: local development values. The
            // redirect URIs registered here are the only ones the server accepts
            // for this client, so keep them exact.
            RedirectUris = { "http://localhost:5002/signin-oidc" },
            PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" },

            AllowedScopes =
            {
                IdentityServerConstants.StandardScopes.OpenId,
                IdentityServerConstants.StandardScopes.Profile,
                "API1"
            },

            // Lets the client request refresh tokens (offline access).
            AllowOfflineAccess = true
        };

        return new List<Client> { mvcClient };
    }

    /// <summary>Lists the identity resources offered by the server: OpenId and Profile.</summary>
    /// <returns>A list with the two identity resources.</returns>
    public IEnumerable<IdentityResource> GetIdentityResources()
    {
        var resources = new List<IdentityResource>();
        resources.Add(new IdentityResources.OpenId());
        resources.Add(new IdentityResources.Profile());
        return resources;
    }

    /// <summary>Lists the API resources protected by the server: the single "API1" resource.</summary>
    /// <returns>A list with the one API resource.</returns>
    public IEnumerable<ApiResource> GetApiResources()
    {
        // The name "API1" is what clients list in their allowed scopes.
        var api1 = new ApiResource("API1", "Allow to Manage API1");
        return new List<ApiResource> { api1 };
    }

1 个答案:

答案 0 :(得分:1)

您需要像这样显式指定方案名称、质询方案和对应的处理程序。不带名称调用 AddOpenIdConnect() 时,处理程序注册在默认方案名 "OpenIdConnect" 下,因此以 "oidc" 为名的方案找不到处理程序:

/// <summary>
/// Registers MVC plus cookie and OpenID Connect authentication under explicit
/// scheme names, so that the challenge scheme "oidc" has a matching handler.
/// </summary>
/// <param name="services">Service collection the handlers are added to.</param>
public void ConfigureServices(IServiceCollection services)
{
    // One definition per scheme name: the default/challenge settings and the
    // handler registrations below must agree on these strings.
    const string cookieScheme = "Cookies";
    const string oidcScheme = "oidc";

    services.AddMvc();

    // Keep claim types as issued instead of the handler's default remapping.
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    var authentication = services.AddAuthentication(auth =>
    {
        auth.DefaultScheme = cookieScheme;
        auth.DefaultChallengeScheme = oidcScheme;
    });

    authentication.AddCookie(cookieScheme);
    authentication.AddOpenIdConnect(oidcScheme, oidc =>
    {
        oidc.SignInScheme = cookieScheme;

        oidc.Authority = "http://localhost:5000";
        // Development only: allows the discovery metadata to be fetched over
        // plain HTTP. Use an https authority outside local testing.
        oidc.RequireHttpsMetadata = false;

        // NOTE(review): neither ResponseType nor ClientSecret is set here. A
        // client registered for the hybrid flow, as in the question, would
        // presumably still need those options; confirm against the server's
        // client registration.
        oidc.ClientId = "mvc";
        oidc.SaveTokens = true;
    });
}

http://docs.identityserver.io/en/release/quickstarts/3_interactive_login.html