这是我的Identity Server项目的ConfigureServices
方法。
public void ConfigureServices(IServiceCollection services)
{
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddOperationalStore(options =>
{
options.EnableTokenCleanup = true;
options.TokenCleanupInterval = 30; // interval in seconds
})
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients())
.AddTestUsers(Config.GetUsers())
.AddProfileService<DefaultProfileService>();
}
当我遵循本教程时,本教程使用.AddProfileService<ProfileService>()
,但找不到ProfileService
。因此,我使用DefaultProfileService
。可能由于这个错误吗?
和我的config.cs
公共类配置 { 公共静态IEnumerable GetApiResources() { 返回新清单 { 新的ApiResource(“ myresourceapi”,“我的资源API”) { 范围= {new Scope(“ apiscope”)} } }; }
public static IEnumerable<Client> GetClients()
{
return new[]
{
// for public api
new Client
{
ClientId = "secret_client_id",
AllowedGrantTypes = GrantTypes.ClientCredentials,
ClientSecrets =
{
new Secret("secret".Sha256())
},
AllowedScopes = { "apiscope" }
},
new Client
{
ClientId = "secret_user_client_id",
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
ClientSecrets =
{
new Secret("secret".Sha256())
},
AllowedScopes = { "apiscope" }
}
};
}
public static List<TestUser> GetUsers()
{
return new List<TestUser>
{
new TestUser
{
SubjectId = "1",
Username = "user",
Password = "user",
Claims = new[]
{
new Claim("roleType", "CanReaddata")
}
},
new TestUser
{
SubjectId = "2",
Username = "admin",
Password = "admin",
Claims = new[]
{
new Claim("roleType", "CanUpdatedata")
}
}
};
}
}
在邮递员进行测试时,出现错误invalid_request
我已经测试了另一个客户端ID ClientId = "secret_client_id"
,它可以正常工作。
答案 0 :(得分:1)
如果您使用的是AddTestUser
,则无需添加配置文件服务,因为它会为您添加与测试用户一起使用的配置文件服务:
public static IIdentityServerBuilder AddTestUsers(this IIdentityServerBuilder builder, List<TestUser> users)
{
builder.Services.AddSingleton(new TestUserStore(users));
builder.AddProfileService<TestUserProfileService>();
builder.AddResourceOwnerValidator<TestUserResourceOwnerPasswordValidator>();
return builder;
}
答案 1 :(得分:0)
发现我的问题是我发出了一个GET
请求,应该是一个POST
请求。