Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerProvider - clientId 和 clientSecret 在尝试从 Postman 生成令牌时出现 null
[英]Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerProvider - clientId and clientSecret coming null while trying to generate token from Postman
问题描述
I am using OWIN security for my asp.net web api 2 application and here is my startup class setting for auth.
我正在为我的 asp.net web api 2 应用程序使用 OWIN 安全性,这是我的启动 ZA2F2ED4F8EBC2CBBDC4 设置。
public void ConfigureOAuth(IAppBuilder app)
{
var oAuthServerOptions = new OAuthAuthorizationServerOptions
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = new CustomAuthorizationServerProvider()
};
// Token Generation
app.UseOAuthAuthorizationServer(oAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
And here is CustomAuthorizationServerProvider class implementation,这是CustomAuthorizationServerProvider class 实现,
public class CustomAuthorizationServerProvider : OAuthAuthorizationServerProvider
{
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.TryGetFormCredentials(out var clientId, out var clientSecret);
if (clientId == "987459827985" && clientSecret == "lkfjldsfjkld")
{
context.Validated(clientId);
}
return base.ValidateClientAuthentication(context);
}
public override Task GrantClientCredentials(OAuthGrantClientCredentialsContext context)
{
var oAuthIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, "TestClient"));
var ticket = new AuthenticationTicket(oAuthIdentity, new AuthenticationProperties());
context.Validated(ticket);
return base.GrantClientCredentials(context);
}
}
Now, while trying to generate token using endpoint http://localhost:8080/token , I am getting NULL for both clientId and clientSecret and hence I am getting "error": "invalid_client" .现在,在尝试使用端点http://localhost:8080/token生成令牌时,我得到了 clientId 和 clientSecret 的 NULL ,因此我得到了"error": "invalid_client" 。 What I am missing here?我在这里缺少什么?
Edit: EDIT编辑:编辑
When I am using raw as body, I can see token generation is working and both client and secret have value.当我使用raw作为正文时,我可以看到令牌生成正在工作,并且客户端和秘密都具有价值。 Why it is not working for form-data ?为什么它不适用于form-data ?
1 个解决方案
解决方案1
1 已采纳 2020-04-28 09:14:06
Check the postman documentation: Sending API requests查看 postman 文档: 发送 API 请求
Most importantly this:最重要的是:
Website forms often send data to APIs as multipart/form-data.
With a quick search around the web, there needs to be a special type of handling for the APIs to bind the multipart/form-data通过快速搜索 web,需要对 API 进行特殊类型的处理以绑定multipart/form-data
ie How to set up a Web API controller for multipart/form-data即如何为多部分/表单数据设置 Web API controller
There is even a plugin for that甚至还有一个插件
Content type is important.内容类型很重要。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.