[英]How to revoke or invalidate token using Identity Server 4?
I read this docs: http://docs.identityserver.io/en/release/endpoints/revocation.html我阅读了这个文档: http : //docs.identityserver.io/en/release/endpoints/revocation.html
Then I try this code:然后我试试这个代码:
AuthHelper.cs身份验证助手
public class AuthHelper
{
private string URL = "http://localhost:50847/connect/revocation";
public bool revocarToken(string token)
{
try
{
HttpClient client = new HttpClient();
string uri = URL;
StringContent contenido = new StringContent("token="+token+"&token_type_hint=access_token", System.Text.Encoding.UTF8, "application/x-www-form-urlencoded");
HttpResponseMessage response = client.PostAsync(uri, contenido).Result;
if (response.IsSuccessStatusCode)
return true;
return false;
}
catch (Exception ex)
{
throw;
}
}
}
But, I get this error:但是,我收到此错误:
I get an error 400 (Bad request).我收到错误 400(错误请求)。 Thanks in advance.提前致谢。
You're not sending the required credentials to revocation end point.您没有将所需的凭据发送到吊销端点。 IdentityServer expects you to provide a client id and secret. IdentityServer 期望您提供客户端 ID 和密码。 Please read https://tools.ietf.org/html/rfc7009#section-2.1 specification to understand better.请阅读https://tools.ietf.org/html/rfc7009#section-2.1规范以更好地理解。
I recommend you to use IdentityModel2 package to make the revocation request (and other OIDC related requests).我建议您使用IdentityModel2包来发出撤销请求(以及其他 OIDC 相关请求)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.