我已经进行了以下配置。
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddIdentityServer(SetupIdentityServer)
.AddDeveloperSigningCredential()
.AddInMemoryClients(GetClients)
.AddInMemoryIdentityResources(GetIdentities)
.AddInMemoryApiResources(GetApis)
.AddTestUsers(GetUsers);
services.AddAuthentication("TheCookie")
.AddCookie("TheCookie", _ =>
{
_.ExpireTimeSpan = TimeSpan.FromMinutes(1);
_.SlidingExpiration = true;
});
...
}
private static void SetupIdentityServer(IdentityServerOptions options)
{
options.UserInteraction.LoginUrl = "/Security/Credentials";
options.UserInteraction.LoginReturnUrlParameter = "bbb";
options.UserInteraction.CustomRedirectReturnUrlParameter = "aaa";
}
但是,当我访问需要授权的页面时,会得到404,因为我已转发到默认的 / Account / Login “控制器/操作。我可以确认 SetupIdentityServer 之所以调用是因为它在此处遇到了麻烦。不过,浏览器中的URL仍然是默认URL,返回页面是我要访问的页面,而不是上面的伪造设置。
docs for IdS4的解释不多,我也无法弄清我所缺少的内容。我尝试遵循suggested here这样的设置。
我怀疑这与我的客户有关,其设置如下。
private static IEnumerable<Client> GetClients => new[]
{
new Client
{
ClientId = "Website",
ClientName = "The Client",
ClientUri = "http://identityserver.io",
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
RedirectUris = {"http://localhost:5000/security/credentials"},
PostLogoutRedirectUris = {"http://localhost:5000/index.html"},
AllowedCorsOrigins = {"http://localhost:5000", "https://localhost:44300"},
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
}
}
};
据我了解,默认情况下,授予类型隐式应该用于SPA,而MVC风格的登录由设置控制,默认情况下,就像我在中所做的那样简单地对其进行管理SetupIdentityServer 。我感觉这个问题可能存在,但在谷歌上搜索有关客户类型的内容让我头疼而不是清晰。