我有 2 个 asp.net core 3.1 应用程序。其中一个是 IdentityServer,另一个是 Client,这使得 OpenID 连接到 IdentityServer,如果 操作方法具有授权属性。
// User 1
{
"SubjectId": 1,
"Username": "MyName",
"Password": "MyPassword"
}
// Client 1
{
"ClientId": "ClientID",
"ClientName": "This is MVC1 Client",
"ClientSecrets": [{
"Value": "ClientSecret"
}],
"AllowedGrantTypes": [ "authorization_code" ],
"RedirectUris": [ "http://localhost:7573/signin-oidc" ],
"PostLogoutRedirectUris": [ "http://localhost:7573/signin-oidc" ],
"AllowedScopes": [
"openid",
"profile",
"address",
"email",
"phone"
],
"RequirePkce": true,
"AllowPlainTextPkce": false
}
services
.AddAuthentication(options => {
options.DefaultScheme = "Cookie";
options.DefaultChallengeScheme = "OIDC";})
.AddCookie("Cookie")
.AddOpenIdConnect("OIDC", options => { // This config used for Authentication
options.SignInScheme = "Cookie";
options.SignOutScheme = "Cookie";
options.Authority = "http://192.168.34.33:80"; // My remote Server
options.RequireHttpsMetadata = false;
options.ClientId = "MVC1";
options.ClientSecret = "MVC1";
options.ResponseType = "code";
options.UsePkce = true;
options.SaveTokens = true;
options.ResponseMode = "query";
options.CallbackPath = "/signin-oidc";
options.Scope.Clear();
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email");
options.Scope.Add("address");
options.Scope.Add("phone");
});
And This Configuration WORK Well with HTTP
但不是 HTTPS
when i press login, it work ok and after authentication, redirect me back to the client
问题是当我将 Authority URL 更改为 HTTPS 时,我收到一个 远程证书 错误及其正确性,因为我的证书中没有有效的证书IIS
所以:
options.Authority = "https://192.168.34.33:4430"; // My remote Server
options.RequireHttpsMetadata = true;
请帮帮我。我真的很需要帮助。谢谢:))
答案 0 :(得分:0)
您不能同时使用 IP 地址和 HTTPS,如下所示:
options.Authority = "https://192.168.34.33:4430"; // My remote Server
options.RequireHttpsMetadata = true;
要使 TLS/HTTPS 工作,您必须拥有服务器的域名。否则,客户端谁能知道它在和谁说话?