asp.net核心中IdentityServer4中的无效客户端

时间:2019-12-01 06:48:18

标签: asp.net-core identityserver4

我正在使用IdentityServer4进行身份验证,并且有一个客户端作为控制台应用程序。

我在IdentityServer中的配置如下:

new Client
{
    ClientId = "online.console.client",
    ClientName = "backoffice",
    AllowedGrantTypes = GrantTypes.ClientCredentials,
    ClientSecrets =
    {
        new Secret("secret".ToSha256())
    },
    AllowedScopes =
    {
        "webapi"
    }
}

客户端调用IdentityServer,如下所示:

private static async Task<TokenResponse> RequestTokenAsync()
{
    var client = new HttpClient();

    var disco = await client.GetDiscoveryDocumentAsync("http://localhost:5001");
    if (disco.IsError)
    {
        throw new Exception(disco.Error);
    }

    var response = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
    {
        Address = disco.TokenEndpoint,

        ClientId = "online.console.client",
        Scope = "webapi",
        ClientSecret = "secret".ToSha256()
    });

    if (response.IsError)
    {
        throw new Exception(response.Error);
    }

    return response;
}

响应有错误:

  

失败:IdentityServer4.Validation.ClientSecretValidator [0] 

  Client secret validation failed for client: online.console.client.

我的问题在哪里? 我猜客户端配置错误。

1 个答案:

答案 0 :(得分:1)

在客户端中,不需要调用ToSha256的ClientSecret。您在服务器配置中开始为true,但是接下来为客户端执行false。所以所有要做的事情:

ClientSecret =  "secret"
相关问题
最新问题