堆栈内存溢出
  简体   繁体   English

未设置OAuth2Client clientId和clientSecret

[英]OAuth2Client clientId and clientSecret not set

 原文  2015-11-10 07:58:07       c#/ authentication/ oauth-2.0/ identityserver3

问题描述

I've set up a working IdentityServer 3 and everything works fine except the refresh token I'm trying to add. 我已经设置了可以正常工作的IdentityServer 3,并且除了我要添加的刷新令牌之外,其他所有东西都工作正常。

I avoid to report the whole code because I think I spot the error 我避免报告整个代码,因为我认为我发现了错误 

var tokenClient = new OAuth2Client(new Uri("https://myServer/myIdentityServer/connect/token"), "clientId", "secretWord");
var response = await tokenClient.RequestAuthorizationCodeAsync(n.Code, n.RedirectUri);

I get an error in the second line, and debugging I found that tokenClient variable contains a few private properties that are set to null but shouldn't be 我在第二行得到一个错误,并且调试时我发现tokenClient变量包含一些私有属性,这些属性设置为null但不应设置为

_address: { https://myServer/myIdentityServer/connect/token } _address:{ https:// myServer / myIdentityServer / connect / token }

_authenticationStyle: None _authenticationStyle:无

_client: {System.Net.Http.HttpClient} _client:{System.Net.Http.HttpClient}

_clientId: null _clientId:空

_clientSecret: null _clientSecret:空

Why _clientId and _clientSecret are set to null ? 为什么_clientId_clientSecret设置为null I gave the 2 parameters directly to OAuth2Client constructor, am I doing something wrong here? 我直接将2个参数提供给OAuth2Client构造函数,我在这里做错了吗?

UPDATE: following Scott Brady suggestion I tried also with TokenClient class from IdentityModel . 更新:根据Scott Brady的建议,我还尝试了IdentityModel TokenClient类。 Nothing changed, the response variable report an HttpError "Internal Server Error". 进行任何更改, response变量报告HttpError“内部服务器错误”。

From IdentityServer side everything seems to be fine, the log from first part of request is good 从IdentityServer方面来看,一切似乎都很好,请求第一部分的日志很好 

2015-11-10 14:31:36.737 +01:00 [Information] Start authorize request
2015-11-10 14:31:36.737 +01:00 [Information] Start authorize request protocol validation
2015-11-10 14:31:36.738 +01:00 [Information] "Authorize request validation success"
 "{
  \"ClientId\": \"hybridclient\",
  \"ClientName\": \"Hybrid Client Example\",
  \"RedirectUri\": \"https://rbmidde02.xxx.com/miIdentityClient/\",
  \"AllowedRedirectUris\": [
    \"https://rbmidde02.xxx.com/miIdentityClient/\"
  ],
  \"SubjectId\": \"1\",
  \"ResponseType\": \"code id_token token\",
  \"ResponseMode\": \"form_post\",
  \"Flow\": \"Hybrid\",
  \"RequestedScopes\": \"openid profile email roles offline_access\",
  \"State\": \"OpenIdConnect.AuthenticationProperties=joIq4Na_pIjM1dGht8LPOhXbzPjnHnlFgOPll_oxPbAH9GIuFQ5SKHUZWgRFUih_OFGTWxmi8I_Fu7pS_t_V_R2cNDa7l6r0eQ4RfgTosHHhmdpfm-0YuAO-N5q_16WyqesLPckv6HrB7ruZ64m8Vu4mpA80RYjc46xalOdzkyrKQLlmt_AwlWGA6XY-B2P3WpVvcP_tZQywdMEFS9uF-ucK07UOeUwO6nV8QXGJ-g31WhmM4D1I83O3EaYnoB2Xf6bOAMJuMySTywwQQ-bdd-tiOoRsusqSuc-JeeOiZvY\",
  \"Nonce\": \"635827590967269474.ZmM0NjgwYzMtZTYwMC00MmI5LTk5YzUtZjdhMmQ4MTkyZTUwNDBjZTkwYzEtYTBlNy00MDM2LTk4ZjUtMWEzYmZjZmZmMTc2\",
  \"SessionId\": \"7eb1b6356ef9ecb843dde1afdb239d9e\",
  \"Raw\": {
    \"client_id\": \"hybridclient\",
    \"redirect_uri\": \"https://rbmidde02.xxx.com/miIdentityClient/\",
    \"response_mode\": \"form_post\",
    \"response_type\": \"code id_token token\",
    \"scope\": \"openid profile email roles offline_access\",
    \"state\": \"OpenIdConnect.AuthenticationProperties=joIq4Na_pIjM1dGht8LPOhXbzPjnHnlFgOPll_oxPbAH9GIuFQ5SKHUZWgRFUih_OFGTWxmi8I_Fu7pS_t_V_R2cNDa7l6r0eQ4RfgTosHHhmdpfm-0YuAO-N5q_16WyqesLPckv6HrB7ruZ64m8Vu4mpA80RYjc46xalOdzkyrKQLlmt_AwlWGA6XY-B2P3WpVvcP_tZQywdMEFS9uF-ucK07UOeUwO6nV8QXGJ-g31WhmM4D1I83O3EaYnoB2Xf6bOAMJuMySTywwQQ-bdd-tiOoRsusqSuc-JeeOiZvY\",
    \"nonce\": \"635827590967269474.ZmM0NjgwYzMtZTYwMC00MmI5LTk5YzUtZjdhMmQ4MTkyZTUwNDBjZTkwYzEtYTBlNy00MDM2LTk4ZjUtMWEzYmZjZmZmMTc2\"
  }
}"
2015-11-10 14:31:36.738 +01:00 [Information] Creating Hybrid Flow response.
2015-11-10 14:31:36.738 +01:00 [Information] Creating Implicit Flow response.
2015-11-10 14:31:36.749 +01:00 [Information] Getting claims for identity token for subject: 1
2015-11-10 14:31:36.757 +01:00 [Information] End authorize request
2015-11-10 14:31:36.757 +01:00 [Information] Posting to https://rbmidde02.xxx.com/miIdentityClient/

But also second part seems ok 但第二部分似乎还可以 

2015-11-10 14:31:36.905 +01:00 [Information] Start userinfo request
2015-11-10 14:31:36.905 +01:00 [Information] Token found: AuthorizationHeader
2015-11-10 14:31:36.905 +01:00 [Information] Start access token validation
2015-11-10 14:31:36.906 +01:00 [Information] "Token validation success"
"{
  \"ValidateLifetime\": true,
  \"AccessTokenType\": \"Jwt\",
  \"ExpectedScope\": \"openid\",
  \"Claims\": {
    \"client_id\": \"hybridclient\",
    \"scope\": [
      \"openid\",
      \"profile\",
      \"email\",
      \"roles\",
      \"offline_access\"
    ],
    \"sub\": \"1\",
    \"amr\": \"password\",
    \"auth_time\": \"1447153048\",
    \"idp\": \"idsrv\",
    \"iss\": \"https://rbmidde02.xxx.com/miIdentityServer\",
    \"aud\": \"https://rbmidde02.xxx.com/miIdentityServer/resources\",
    \"exp\": \"1447165896\",
    \"nbf\": \"1447162296\"
  }
}"
2015-11-10 14:31:36.907 +01:00 [Information] Creating userinfo response
2015-11-10 14:31:36.907 +01:00 [Information] Scopes in access token: "openid profile email roles offline_access"
2015-11-10 14:31:36.907 +01:00 [Information] Requested claim types: "sub name family_name given_name middle_name nickname preferred_username profile picture website gender birthdate zoneinfo locale updated_at email email_verified role"
2015-11-10 14:31:36.907 +01:00 [Information] Profile service returned to the following claim types: "sub given_name family_name email role role preferred_username"
2015-11-10 14:31:36.907 +01:00 [Information] End userinfo request
2015-11-10 14:31:36.907 +01:00 [Information] Returning userinfo response.

Response is ok from IdentityServer side, I don't understand why that Internal Server Error on the client. 从IdentityServer端可以确定响应,但我不明白为什么客户端会出现内部服务器错误。

1 个解决方案

解决方案1
 2 已采纳  2015-11-10 13:10:07

I haven't had much experience with the OAuth2Client class. 我对OAuth2Client类没有太多经验。 However I do know the TokenClient class from IdentityModel works with Identity Server and uses almost identical code to the above. 但是,我确实知道IdentityModel的TokenClient类可与Identity Server一起使用,并使用与上面几乎相同的代码。

I would recommend giving this a go, as it's made by the same team as Identity Server. 我建议您尝试一下,因为它是由与Identity Server相同的团队完成的。

See here for example usage and GitHub repository. 有关用法和GitHub存储库的信息,请参见此处

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerProvider - clientId 和 clientSecret 在尝试从 Postman 生成令牌时出现 null - Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerProvider - clientId and clientSecret coming null while trying to generate token from Postman Azure KeyVault:如何创建clientId和clientSecret? - Azure KeyVault: how to create clientId and clientSecret? 如何在WinRT应用程序中保护Google的clientSecret和clientID? - How to protect Google's clientSecret and clientID in a WinRT application? 对于 Azure Key Vault,我应该将tenantId、clientId 和clientSecret 存储在哪里? - For Azure Key Vault, where should I store the tenantId, clientId and clientSecret? 如何获取 Azure (ARM) 部署模板的 clientId 和 clientsecret - How to get clientId and clientsecret for Azure (ARM) deployment template Microsoft Bot Framework示例致文本Bot的语音-clientid和clientSecret - Microsoft Bot Framework Example Speech to Text Bot - clientid and clientSecret 来自本地 .net 应用程序的 Azure 密钥保管库而不公开 clientid/clientsecret? - Azure keyvault from on prem .net app without exposing clientid/clientsecret? 如果您刚被授予ClientId和ClientSecret以及NO Refresh Token,那么为API续订Access Token的最佳做法是什么? - What is the best practice to renew Access Token for an API if you are just granted ClientId and ClientSecret and NO Refresh Token? 在 ASP.net/C# 中使用刷新令牌、ClientId 和 ClientSecret 获取 Google Drive API 的 UserCredential - Get UserCredential of Google Drive API using Refresh token, ClientId and ClientSecret in ASP.net/C# 从何处获取通过API访问Azure ServiceBus所需的信息,尤其是ClientID和ClientSecret - Where to get required information to access Azure ServiceBus via API, especially ClientID and ClientSecret
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM