IdentityServer3返回invalid_scope以授权端点

时间:2018-10-31 08:55:43

标签: asp.net-mvc oauth-2.0 openid-connect identityserver3 nopcommerce

我在ASP.NET MVC网站上安装了IdentityServer3和一个客户端(一个NopCommerce插件),定义如下(URL仅用于测试):

new Client
                   {
                       ClientName    = "Deep Stores",
                       ClientId      = "deepstores",
                       ClientSecrets = new List<Secret>
                                       {
                                           new Secret("0B0A3FD3-F30C-428C-B1A3-6E570103614D".Sha256())
                                       },
                       AccessTokenType = AccessTokenType.Reference,
                       RedirectUris    = new List<string>
                                         {
                                             "http://localhost:2030/plugins/ExternalAuthDeepStudies/logincallback"
                                         },
                       Flow                   = Flows.AuthorizationCode,
                       AllowAccessToAllScopes = true,
                       AllowedScopes          = StandardScopes.All.Select(x => x.Name).ToList()
                   }

当尝试使用如下所示的URL获取授权令牌时,它第一次起作用(出现登录并授予页面等等),但对于其余请求,它为我的回调返回error=invalid_scope

请求授权端点:

https://127.0.0.1/core/connect/authorize?client_id=deepstores&redirect_uri=http%3A%2F%2Flocalhost%3A2030%2Fplugins%2FExternalAuthDeepStudies%2Flogincallback&scope=profile&response_type=code

会发生什么?为什么我会收到此错误?

范围定义为:

public static IEnumerable<Scope> Get()
    {
        return new[]
               {
                   StandardScopes.OpenId,
                   StandardScopes.Profile,
                   StandardScopes.Email,
                   StandardScopes.Address,
                   StandardScopes.Phone,
                   StandardScopes.OfflineAccess,
                   StandardScopes.RolesAlwaysInclude,
                   StandardScopes.AllClaims,

               };
    }

请注意,我使用EntityFramework,所有人员均存储在数据库中。加上我使用ASP.NET Identity管理用户和角色。

0 个答案:

没有答案