[英]OAuth 2.0 not working on Local IIS
I was doing OAuth 2.0 authentication for my app (client credentials flow). 我正在为我的应用程序进行OAuth 2.0身份验证(客户端凭据流)。 I have Identity Server, ASP.NET Web Api as an app to which I'm authenticating and console app as a client app.
我将Identity Server,ASP.NET Web Api作为要进行身份验证的应用程序,并将控制台应用程序作为客户端应用程序。
Everything works fine when my Web Api is hosted on IIS Express. 当我的Web Api托管在IIS Express上时,一切正常。 When I changed it to Local IIS, it doesn't work.
当我将其更改为Local IIS时,它不起作用。 On IIS Express I'm getting
ClaimsIdentity
as request principal, but on Local IIS I'm getting WindowsIdentity
, which doesn't have claims. 在IIS Express上,我将
ClaimsIdentity
作为请求主体,但是在本地IIS上,我得到WindowsIdentity
,它没有声明。
I'm using Thinktecture
libs for OAuth and Owin
for configuration. 我正在使用
Thinktecture
库进行OAuth和Owin
进行配置。 This is how my Startup class looks like: 这是我的Startup类的样子:
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = ConfigurationManager.AppSettings["Authority"],
RequiredScopes = new[] { "api" }
});
}
}
This is how I check principal identity: 这是我检查主体身份的方法:
var claims = ((ClaimsIdentity)p.Identity).Claims;
var roleClaim = claims.Where(i => i.Type == "client_role").FirstOrDefault();
if (roleClaim == null)
{
return null;
}
Ofcourse I'm returing null, when I'm on Local IIS, because this Identity doesn't have any claim. 当然,当我在本地IIS上时,我会重用null,因为此标识没有任何要求。
Why my app changes behavior when I'm changing IIS? 为什么在更改IIS时我的应用程序会更改行为? I was trying to change something in IIS configuration, but to be honest I was doing this rather blindly.
我试图更改IIS配置中的某些内容,但是老实说,我这样做是盲目的。
Does anybody know what is causing problem here? 有人知道造成问题的原因吗?
EDIT: I'll show also how I'm getting token and sending requests, maybe this is causing the problem. 编辑:我还将显示我如何获取令牌和发送请求,也许这是引起问题的原因。
private static TokenResponse GetToken()
{
var client = new OAuth2Client(new Uri(IdentityServerUri), clientId,clientScope);
return client.RequestClientCredentialsAsync("scope").Result;
}
Main function: 主功能:
var client = new HttpClient();
var tokenResponse = GetToken();
client.SetBearerToken(tokenResponse.AccessToken);
var result = client.GetStringAsync(requestUri).Result;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.