嗨,我正在尝试在IdentityServer4中获取authorization_code和pkce代码流。
我已经将客户注册为
new Client
{
ClientId = "client123",
ClientName = "My Super Secret Client Id",
AllowedGrantTypes = GrantTypes.Hybrid,
ClientSecrets =
{
new Secret("secret".Sha256())
},
RedirectUris = { "http://localhost:5000" },
PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"api1"
},
AllowOfflineAccess = true
}
我的要求如下:
POST /connect/authorize HTTP/1.1
Host: localhost:5000
Content-Type: application/x-www-form-urlencoded
Authorization: Basic Y2xpZW50MTIzOjJCQjgwRDUzN0IxREEzRTM4QkQzMDM2MUFBODU1Njg2QkRFMEVBQ0Q3MTYyRkVGNkEyNUZFOTdCRjUyN0EyNUI=
Cache-Control: no-cache
Postman-Token: fa61ca5a-0f04-418f-a68c-4bb7a7a85120
client_id=client123&scope=openid&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A5000&state=abc&nonce=xyz
在响应中,当我将Sorry, there was an error : unauthorized_client替换为AllowedGrantTypes = GrantTypes.HybridAndClientCredentials时,我得到了AllowedGrantTypes = GrantTypes.CodeAndClientCredentials的html页面,出现了同样的错误。我有什么想念的吗?