使用具有多个范围的访问令牌调用We​​b API

时间:2018-07-26 18:43:42

标签: authentication asp.net-web-api identityserver4 openid-connect identityserver3

我已经为Angular应用程序配置了隐式流设置。 

const settings: any = {
authority: 'https://localhost:44381',
client_id: 'AngularCore',
redirect_uri: 'https://localhost:44301/authcallback',
post_logout_redirect_uri: 'https://localhost:44301/',
response_type: 'id_token token',
scope: 'openid profile mywebapicore.read mywebapicore.write',
accessTokenExpiringNotificationTime: 10,
filterProtocolClaims: true,
loadUserInfo: true,
automaticSilentRenew: true,
silent_redirect_uri: 'https://localhost:44301/silentrenew'
}

这是我的IdentityServer4 ApiResource 

new ApiResource {
Name = "mywebapicore"
,ApiSecrets = new List<Secret>() { new Secret("apisecret".Sha256()) }

,Scopes = {
new Scope(){Name = "mywebapicore.read",DisplayName = "Read only 
access to the mywebapicore"},

new Scope(){Name = "mywebapicore.write", DisplayName = "Write only access to 
the mywebapicore"}}}

这是我使用IdentityServer3.AccessTokenValidation的ASP.NET WEB API配置

var options = new IdentityServerBearerTokenAuthenticationOptions
        {
            Authority = "https://localhost:44381",
            RequiredScopes = new[] { "mywebapicore.read", "mywebapicore.write" },
            ClientId = "mywebapicore",
            ClientSecret = System.Uri.EscapeDataString("apisecret"),
            PreserveAccessToken = true
};
app.UseIdentityServerBearerTokenAuthentication(options);

问题-我正在使用访问令牌从Angular App调用ASP.NET WEB API,但出现此错误- Bearer error =“ insufficient_scope”

如果我仅包含一个作用域,则它按预期方式工作,但如果我包含多个作用域,则它会抛出403错误,并带有错误消息,表示为 Bearer error =“ insufficient_scope”

请帮助... 在此先感谢!!!

0 个答案:

没有答案
相关问题
最新问题