let usrMgr = new UserManager({
authority: "https://localhost:5001/",
client_id: "clientname",
redirect_uri: "https://localhost:3000/login/callback.html",
response_type: "id_token token",
scope: "openid"
});
usrMgr.signinRedirect();
我正在使用oidc-client-js 如上所示,通过我们的身份服务器进行身份验证。
尝试进行身份验证时,我从身份服务器收到以下错误消息
我在身份服务器上的客户端如下
{
"Enabled": true,
"ClientId": "clientname",
"ClientName": "Some Client Name",
"AllowedGrantTypes": "implicit",
"AllowedScopes": [ "openid", "profile", "email", "id:custom" ],
"AllowOfflineAccess": true,
"PostLogoutRedirectUris": [ "https://localhost:3000/signout-callback-oidc" ],
"RedirectUris": [ "https://localhost:3000/login/callback.html" ],
"FrontChannelLogoutUri": "https://localhost:3000/signout-oidc",
"AllowAccessTokensViaBrowser": true
}
我将AllowAccessTokensViaBrowser设置为true,并将AllowedGrantTypes设置为隐式。
为什么我会收到“客户端未配置为通过浏览器错误接收访问令牌的任何想法?
答案 0 :(得分:0)
如果您查看IdentityServer源代码,就会看到
//////////////////////////////////////////////////////////
// check if response type contains an access token,
// and if client is allowed to request access token via browser
//////////////////////////////////////////////////////////
var responseTypes = responseType.FromSpaceSeparatedString();
if (responseTypes.Contains(OidcConstants.ResponseTypes.Token))
{
if (!request.Client.AllowAccessTokensViaBrowser)
{
LogError("Client requested access token - but client is not configured to receive access tokens via browser", request);
return Invalid(request, description: "Client not configured to receive access tokens via browser");
}
}
因此,我认为的唯一原因是配置文件中是否有错字,或者还有其他原因,AllowAccessTokensViaBrowser未设置为true。可以找到源代码here。也许是上/下壳体的问题?