我打算将.Net Framework 3.5中的WebForms与IdentityServer4集成。
这是我的IdentityServer4实现的/。众所周知/ openid配置:
{“ issuer”:“ https://localhost:44329”,“ jwks_uri”:“ https://localhost:44329/.well-known/openid-configuration/jwks”,“ authorization_endpoint”:“ https://localhost:44329/connect/authorize”,“ token_endpoint”:“ https://localhost:44329/connect/token “,” userinfo_endpoint“:” https://localhost:44329/connect/userinfo“,” end_session_endpoint“:” https://localhost:44329/connect/endsession“,” check_session_iframe“:” https://localhost:44329/connect/checksession“,” revocation_endpoint“:” https://localhost:44329/connect/revocation“, “ introspection_endpoint”:“ https://localhost:44329/connect/introspect”,“ frontchannel_logout_supported”:true,“ frontchannel_logout_session_supported”:true,“ backchannel_logout_supported”:true,“ backchannel_logout_session_supported”:true,“ scopes_supported”:[“ openid”,“配置文件”,“地址”,“离线访问”],“ claims_supported”:[“ sub”,“ name”,“ family_name”,“ given_name”,“ middle_name”,“昵称”,“ preferred_username”,“ profile”,“图片”,“网站”,“性别”,“生日”,“ zoneinfo”,“语言环境”,“ updated_at”,“地址”],“ grant_types_supported”:[“ authorization_code”,“ client_credentials”,“ refresh_token”,“ implicit”,“ password“],” response_types_supported“:[” code“,” token“,” id_token“,” id_token令牌“,” code id_token“,”代码令牌“,” code id_token令牌“],” response_modes_supported“:[[form_post “,”查询“,”片段“],” token_endpoint_auth_methods_s支持”:[“ client_secret_basic”,“ client_secret_post”],“ subject_types_supported”:[“ public”],“ id_token_signing_alg_values_supported”:[“ RS256”],“ code_challenge_methods_supported”:[“ plain”,“ S256”]
以下代码是我向authorization_endpoint发出请求的方式:
Private Sub cmdLogin_Click(ByVal sender As System.Object, ByVal e As
Dim authorizationUrl As String = "https://localhost:44329"
authorizationUrl += "/connect/authorize"
authorizationUrl += "?"
authorizationUrl += "response_type=" + "code id_token" + "&"
authorizationUrl += "scope=" + "openid profile" + "&"
authorizationUrl += "client_id=" + "xxx" + "&"
authorizationUrl += "redirect_uri=" + "http://localhost:56106/Default.aspx" + "&"
authorizationUrl += "state=" + "af1Ef" + "&"
authorizationUrl += "nonce=" + "n-0S6_WzA2Mj"
Page.Response.Redirect(authorizationUrl, False)
Page.Response.End()
End Sub
在执行了上一个操作之后,我得到了一个代码和id_toke,并且对它们都进行了验证,这时一切都很好。因此,然后我尝试向Token端点发出请求,以尝试获取access_token和id_token以便继续从user_endpoint获取有关该用户的所有声明。这是尝试获取access_token的代码:
<WebMethod()> _
Public Shared Function CallBackToProcessAuthentication(ByVal qsFromISvr As String) As String
Dim temp As String()
Dim authorizationCode As String = ""
Dim idToken As String = Nothing
For Each element As String In qsFromISvr.Split(New Char() {"&"c})
temp = element.Split(New Char() {"="c})
If temp(0) = "code" Then
authorizationCode = temp(1)
End If
If temp(0) = "error" Then
Throw New Exception(temp(1))
End If
If temp(0) = "state" Then
Dim stateFromConfig As String = ConfigurationManager.AppSettings("state").ToString()
If temp(1) <> stateFromConfig ThenException
Throw New Exception("Invalid state.")
End If
End If
If temp(0) = "id_token" Then
idToken = temp(1)
End If
Next
' Here I make all validations.
Dim token_endpoint_url = "https://localhost:44329"
token_endpoint_url += "/connect/token"
Dim authorizationBasic = Convert.ToBase64String(Encoding.UTF8.GetBytes("secret"))
Dim postRequest As HttpWebRequest = CType(WebRequest.Create(token_endpoint_url), HttpWebRequest)
postRequest.Method = WebRequestMethods.Http.Post
postRequest.Headers.Clear()
postRequest.Headers.Add("Authorization", "Basic " + authorizationBasic)
postRequest.Headers.Add("ContentType", "application/x-www-form-urlencoded")
Dim postdata = "grant_type=authorization_code"
postdata += "&code="+authorizationCode
postdata += "&redirect_uri=" + HttpUtility.UrlEncode("http://localhost:56106/Default.aspx")
postdata += "&client_id=" + "xxx"
Dim postDataURLEncoded = HttpUtility.UrlEncode(postData)
Dim postdatabytes = Encoding.UTF8.GetBytes(postData)
postRequest.ContentLength = postdatabytes.Length
Using stream = postRequest.GetRequestStream()
stream.Write(postdatabytes, 0, postdatabytes.Length)
End Using
Dim serializer As New JavaScriptSerializer()
Dim deserialized_tokenResponse As Dictionary(Of String, Object)
Dim response = postRequest.GetResponse() ' Here throw an exception saying : The server method 'CallBackToProcessAuthentication' failed with the following error: System.Net.WebException-- The remote server returned an error: (400) Bad Request.
Dim responseStream = response.GetResponseStream()
Using reader As New StreamReader(responseStream)
deserialized_tokenResponse = serializer.Deserialize(Of Dictionary(Of String, Object))(reader.ReadToEnd().ToString())
End Using
Dim breakpoint = "toDebug"
End Function
我在变量“ breakpoint”中放置了一个断点,但从未到达它,因为当我尝试获取响应时抛出了异常(在上面的代码中,我在引发异常的地方添加了注释)。我认为该错误是由于我将POST请求的有效负载编码到令牌端点的方式造成的,但我不知道是否如此。有什么帮助吗?非常感谢!!!