堆栈内存溢出
  简体   繁体   English

如何使用节点 oidc 提供程序获取用户信息

[英]How to get user information using node oidc provider

 原文  2021-05-11 13:16:04       node.js/ oidc-provider/ node-oidc-provider

问题描述

I got access token and I will pass access_token to userinfo endpoint it throwing an invalid token provided error How to fix this Issue.我得到了访问令牌,我会将 access_token 传递给 userinfo 端点,它会抛出一个无效的令牌提供错误如何解决此问题。 I tried to debug why this error is throwing we have validateAccessToken method(userinfo.js) in this method check the access_token is exist or not exist using this code await ctx.oidc.provider.AccessToken.find(accessTokenValue);我试图调试为什么抛出这个错误我们在这个方法中有validateAccessToken 方法(userinfo.js)检查 access_token 是否存在使用这个代码等待 ctx.oidc.provider.AccessToken.find(accessTokenValue); when i print this result it's showing undefined当我打印此结果时,它显示未定义

oidc_configuration.js oidc_configuration.js

const oidc = new Provider('http://localhost:3000', {
  clients: [
    {
      client_id: 'oidcCLIENT',
      client_secret: '...',
      grant_types: ['refresh_token', 'authorization_code'],
      redirect_uris: ['http://sso-client.dev/providers/7/open_id', 'http://sso-client.dev/providers/8/open_id'],
    }
  ],
  interactions: {
    url(ctx, interaction) { // eslint-disable-line no-unused-vars
      return `/api/v1/open_id/interaction/${interaction.uid}`;
    },
  },
  cookies: {
    keys: ['some secret key', 'and also the old rotated away some time ago', 'and one more'],
  },
  claims: {
    address: ['address'],
    email: ['email', 'email_verified'],
    phone: ['phone_number', 'phone_number_verified'],
    profile: ['birthdate', 'family_name', 'gender', 'given_name', 'locale', 'middle_name', 'name',
      'nickname', 'picture', 'preferred_username', 'profile', 'updated_at', 'website', 'zoneinfo'],
  },
  features: {
    devInteractions: { enabled: false }, // defaults to true

    deviceFlow: { enabled: true }, // defaults to false
    revocation: { enabled: true }, // defaults to false
  },
  jwks: {
    keys: [
      {
        d: 'VEZOsY07JTFzGTqv6cC2Y32vsfChind2I_TTuvV225_-0zrSej3XLRg8iE_u0-3GSgiGi4WImmTwmEgLo4Qp3uEcxCYbt4NMJC7fwT2i3dfRZjtZ4yJwFl0SIj8TgfQ8ptwZbFZUlcHGXZIr4nL8GXyQT0CK8wy4COfmymHrrUoyfZA154ql_OsoiupSUCRcKVvZj2JHL2KILsq_sh_l7g2dqAN8D7jYfJ58MkqlknBMa2-zi5I0-1JUOwztVNml_zGrp27UbEU60RqV3GHjoqwI6m01U7K0a8Q_SQAKYGqgepbAYOA-P4_TLl5KC4-WWBZu_rVfwgSENwWNEhw8oQ',
        dp: 'E1Y-SN4bQqX7kP-bNgZ_gEv-pixJ5F_EGocHKfS56jtzRqQdTurrk4jIVpI-ZITA88lWAHxjD-OaoJUh9Jupd_lwD5Si80PyVxOMI2xaGQiF0lbKJfD38Sh8frRpgelZVaK_gm834B6SLfxKdNsP04DsJqGKktODF_fZeaGFPH0',
        dq: 'F90JPxevQYOlAgEH0TUt1-3_hyxY6cfPRU2HQBaahyWrtCWpaOzenKZnvGFZdg-BuLVKjCchq3G_70OLE-XDP_ol0UTJmDTT-WyuJQdEMpt_WFF9yJGoeIu8yohfeLatU-67ukjghJ0s9CBzNE_LrGEV6Cup3FXywpSYZAV3iqc',
        e: 'AQAB',
        kty: 'RSA',
        n: 'xwQ72P9z9OYshiQ-ntDYaPnnfwG6u9JAdLMZ5o0dmjlcyrvwQRdoFIKPnO65Q8mh6F_LDSxjxa2Yzo_wdjhbPZLjfUJXgCzm54cClXzT5twzo7lzoAfaJlkTsoZc2HFWqmcri0BuzmTFLZx2Q7wYBm0pXHmQKF0V-C1O6NWfd4mfBhbM-I1tHYSpAMgarSm22WDMDx-WWI7TEzy2QhaBVaENW9BKaKkJklocAZCxk18WhR0fckIGiWiSM5FcU1PY2jfGsTmX505Ub7P5Dz75Ygqrutd5tFrcqyPAtPTFDk8X1InxkkUwpP3nFU5o50DGhwQolGYKPGtQ-ZtmbOfcWQ',
        p: '5wC6nY6Ev5FqcLPCqn9fC6R9KUuBej6NaAVOKW7GXiOJAq2WrileGKfMc9kIny20zW3uWkRLm-O-3Yzze1zFpxmqvsvCxZ5ERVZ6leiNXSu3tez71ZZwp0O9gys4knjrI-9w46l_vFuRtjL6XEeFfHEZFaNJpz-lcnb3w0okrbM',
        q: '3I1qeEDslZFB8iNfpKAdWtz_Wzm6-jayT_V6aIvhvMj5mnU-Xpj75zLPQSGa9wunMlOoZW9w1wDO1FVuDhwzeOJaTm-Ds0MezeC4U6nVGyyDHb4CUA3ml2tzt4yLrqGYMT7XbADSvuWYADHw79OFjEi4T3s3tJymhaBvy1ulv8M',
        qi: 'wSbXte9PcPtr788e713KHQ4waE26CzoXx-JNOgN0iqJMN6C4_XJEX-cSvCZDf4rh7xpXN6SGLVd5ibIyDJi7bbi5EQ5AXjazPbLBjRthcGXsIuZ3AtQyR0CEWNSdM7EyM5TRdyZQ9kftfz9nI03guW3iKKASETqX2vh0Z8XRjyU',
        use: 'sig',
      }, {
        crv: 'P-256',
        d: 'K9xfPv773dZR22TVUB80xouzdF7qCg5cWjPjkHyv7Ws',
        kty: 'EC',
        use: 'sig',
        x: 'FWZ9rSkLt6Dx9E3pxLybhdM6xgR5obGsj5_pqmnz5J4',
        y: '_n8G69C-A2Xl4xUW2lF0i8ZGZnk_KPYrhv4GbTGu5G4',
      },
    ],
  },
});

// Heroku has a proxy in front that terminates ssl, you should trust the proxy.
oidc.proxy = true;
const callback = oidc.callback();

在此处输入图像描述 How to fix this issue如何解决此问题

2 个解决方案

解决方案1
 0  2021-05-12 10:10:39

You're running without a persistent adapter, meaning an in-memory one is used, are you possibly restarting your server after receiving the access token before calling the userinfo endpoint?您在没有持久适配器的情况下运行,这意味着使用了内存中的适配器,您是否可能在收到访问令牌后重新启动服务器,然后再调用 userinfo 端点?

解决方案2
 0  2021-08-10 19:07:00

After completing the authentication, you will get access_token as well as id_token.完成认证后,您将获得access_token以及id_token。 I think you were using id_token in place of access_token which is why you are seeing that error我认为您使用 id_token 代替 access_token 这就是您看到该错误的原因

在此处输入图像描述

Instead use access_token then you can see the details而是使用 access_token 然后您可以查看详细信息在此处输入图像描述

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在节点 OIDC 提供者中获取授权码 - How to get the Authorization code in the node OIDC provider 如何使用节点 OIDC 提供程序中的令牌端点获取 access_token - How to get access_token using token endpoint in the node OIDC provider 如何使用节点 oidc 提供程序更改访问令牌格式 - How to change access token format using node oidc provider 如何在 Node jS 中集成 OIDC Provider - How to integrate OIDC Provider in Node jS 如何使用 ExpressJS 针对 mountPath 挂载 node-oidc-provider? - How do I mount an node-oidc-provider against a mountPath using ExpressJS? 使用 node-oidc-provider 完成交互后访问被拒绝 - Access Denied after interactionFinished using node-oidc-provider 如何使用 express 使用 node-oidc-provider access_token? - How to consume node-oidc-provider access_token with express? 如何使用 OIDC 提供程序在 /token 端点中获取访问令牌和刷新令牌 - How to get access token and refresh token in the /token endpoint using OIDC provider node-oidc-provider 的路由问题 - problem with routes with node-oidc-provider [node oidc provider]:授权代码流程 - [node oidc provider]: Authorization code flow
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM