堆栈内存溢出
  简体   繁体   English

使用 authorization_code 授予类型请求令牌

[英]Requesting a token using the authorization_code Grant Type

 原文  2020-03-12 01:25:26       asp.net/ .net-core/ oauth-2.0/ identityserver4/ openid-connect

问题描述

I want to Request a token using the authorization_code Grant Type, I see it here: https://identitymodel.readthedocs.io/en/latest/client/token.html#我想使用 authorization_code 授予类型请求令牌,我在这里看到它: https : //identitymodel.readthedocs.io/en/latest/client/token.html#

var response = await client.RequestAuthorizationCodeTokenAsync(new AuthorizationCodeTokenRequest
{
    Address = IdentityServerPipeline.TokenEndpoint,

    ClientId = "client",
    ClientSecret = "secret",

    Code = code,
    RedirectUri = "https://app.com/callback",

    // optional PKCE parameter
    CodeVerifier = "xyz"
});

But I don't know where code and CodeVerifier is getten.但我不知道codeCodeVerifier是从哪里CodeVerifier的。

1 个解决方案

解决方案1
 0  2020-03-12 04:24:25

As already you know, Authorization Code Grant contains a few steps which you need to read them from RFC 6749 - The OAuth2.0 Authorization Framework .正如您所知,授权代码授予包含一些您需要从RFC 6749 - OAuth2.0 授权框架中阅读它们的步骤。

the authorization server redirects the user-agent back to the client using the redirection URI provided earlier (in the request or during client registration).授权服务器使用之前提供的重定向 URI(在请求中或在客户端注册期间)将用户代理重定向回客户端。 The redirection URI includes an authorization code and any local state provided by the client earlier.重定向 URI 包括授权代码和客户端之前提供的任何本地状态。

There is a flow diagram in the RFC document which help you figure out how you'll earn the code . RFC 文档中有一个流程图,可以帮助您弄清楚如何获得代码

In summary: Your client should send Authorization Code with it's request, then you send the Code to the Authorization Server and check it's validity.总结:您的客户端应该随其请求发送授权代码,然后您将代码发送到授权服务器并检查其有效性。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用 asp.net 获取 Authorization_code 和 access_Token 并发送信封 DocuSign - How to get Authorization_code and access_Token and send envelope DocuSign using asp.net Owin.Security.OAuth 上的 Authorization_code 授予流程:返回 invalid_grant - Authorization_code grant flow on Owin.Security.OAuth: returns invalid_grant 使用授权类型作为密码获取基于用户的访问令牌 - Fetching user based access token using grant type as password 使用OAuth 2验证ASP.NET Web API - 要使用的最佳授权授权类型? - Authenticating ASP.NET Web API with OAuth 2 - Best type of Authorization Grant to use? “error”:“invalid_grant”,“error_description”:salesforce 中的“无效授权代码” - "error":"invalid_grant","error_description":"invalid authorization code" in salesforce 如何从单页应用程序实施OAuth 2.0授权代码授予? - How to implement OAuth 2.0 Authorization Code Grant from Single-Page Application? ASP.NET Web应用程序中的Google用户令牌和授权代码 - Google's user token and authorization code in an ASP.NET webapplication 请求Facebook访问令牌服务器端时,验证代码错误 - Error validating verification code when requesting Facebook access Token Server Side 使用授权代码流的Web API OAuthAuthorizationServer - Web API OAuthAuthorizationServer using Authorization Code flow Sendgrid - 提供的授权授权无效、过期或撤销 - Sendgrid - The provided authorization grant is invalid, expired, or revoked
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM