我有一个要向Identity Server 3进行身份验证的ASP.Net Web表单站点。在Identity Server应用程序中,我定义了一个范围列表(其中一个是“电子邮件”)。但是,当我运行代码并尝试进行身份验证时,出现错误。如果删除Scope属性,它将运行良好,但不包括我请求的Scope字段(仅具有通用声明)。这是我的代码:
Public Sub ConfigureAuth(app As IAppBuilder)
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = New Dictionary(Of String, String)
app.UseCookieAuthentication(New CookieAuthenticationOptions() With {
.AuthenticationType = "Cookies"
})
Dim OpenIdAuthOption = New OpenIdConnectAuthenticationOptions() With {
.Authority = "https://myidentityserver.azurewebsites.net/core/",
.ClientId = "adfasdfafasdfasfasf",
.RedirectUri = "https://localhost:44321/default.aspx/",
.ResponseType = OpenIdConnectResponseType.IdTokenToken,
.SignInAsAuthenticationType = "Cookies",
.Scope = "email",
.Notifications = New OpenIdConnectAuthenticationNotifications() With {
.SecurityTokenReceived = Function(ctx)
Return Task.FromResult(0)
End Function,
.MessageReceived = Function(ctx)
Return Task.FromResult(0)
End Function,
.SecurityTokenValidated = Function(ctx)
Dim claimPrincipal = ctx.AuthenticationTicket.Identity
TransformClaims(claimPrincipal)
Return Task.FromResult(0)
End Function,
.AuthorizationCodeReceived = Function(ctx)
Return Task.FromResult(0)
End Function,
.RedirectToIdentityProvider = Function(context)
RedirectLogin(context)
Return Task.FromResult(0)
End Function
}
}
app.UseOpenIdConnectAuthentication(OpenIdAuthOption)
End Sub
我得到的错误是:
“ OpenIdConnectMessage.Error不为null,表示错误。错误: '非法请求'。错误说明(可能为空):“。 Error_Uri (可能为空):”。”
谁能解释我如何从Identity Server获取范围值(例如“电子邮件”)?
答案 0 :(得分:0)
在客户端配置的范围内,还添加openid,如果您使用响应类型(IdTokenToken / CodeIdToken / CodeToken / CodeIdTokenToken),则必须存在openid
您的代码应类似于
Dim OpenIdAuthOption = New OpenIdConnectAuthenticationOptions() With {
.Authority = "https://myidentityserver.azurewebsites.net/core/",
.ClientId = "adfasdfafasdfasfasf",
.RedirectUri = "https://localhost:44321/default.aspx/",
.ResponseType = OpenIdConnectResponseType.IdTokenToken,
.SignInAsAuthenticationType = "Cookies",
.Scope = "openid email",
.Notifications = New OpenIdConnectAuthenticationNotifications() With {
.SecurityTokenReceived = Function(ctx)
Return Task.FromResult(0)
End Function,
.MessageReceived = Function(ctx)
Return Task.FromResult(0)
End Function,
.SecurityTokenValidated = Function(ctx)
Dim claimPrincipal = ctx.AuthenticationTicket.Identity
TransformClaims(claimPrincipal)
Return Task.FromResult(0)
End Function,
.AuthorizationCodeReceived = Function(ctx)
Return Task.FromResult(0)
End Function,
.RedirectToIdentityProvider = Function(context)
RedirectLogin(context)
Return Task.FromResult(0)
End Function
}
}