IdentityServer4 Error, offline_access is not allowed for this client
Question
I have created in Memory configuration with a helper class,
public class InMemoryConfiguration
{
public static IEnumerable<ApiResource> ApiResources()
{
return new[] {
new ApiResource("socialnetwork", "Social Network")
};
}
public static IEnumerable<Client> Clients()
{
return new[] {
new Client
{
ClientId = "socialnetwork",
ClientName = "SocialNetwork",
ClientSecrets = new [] { new Secret("secret".Sha256()) },
//Flow = Flows.ResourceOwner,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes = new [] { "socialnetwork", StandardScopes.OfflineAccess, StandardScopes.OpenId, StandardScopes.OfflineAccess },
Enabled = true
}
};
}
public static IEnumerable<TestUser> Users()
{
return new[] {
new TestUser
{
SubjectId = "1",
Username = "myUser@question.com",
Password = "password",
}
};
}
}
From my ASP.Net application (separate project) , I am sending the authentication request ,
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
try
{
if (!ModelState.IsValid)
{
return View(model);
}
var client = new OAuth2Client(new Uri("http://localhost:61502/connect/token"), "socialnetwork", "secret");
var requestResponse = client.RequestAccessTokenUserName(model.Email, model.Password, "openid profile offline_access");
var claims = new[]
{
new Claim("access_token", requestResponse.AccessToken),
new Claim("refresh_token", requestResponse.RefreshToken)
};
var claimsIdentity = new ClaimsIdentity(claims,
DefaultAuthenticationTypes.ApplicationCookie);
HttpContext.GetOwinContext().Authentication.SignIn(claimsIdentity);
return RedirectToLocal(returnUrl);
}
catch (Exception ex)
{
//Do my Error Handling
}
}
Now I am seeing error on my server console,
offline_access is not allowed for this client: socialnetwork
I have provided all the access to the client on allowe
d scope,
AllowedScopes = new [] { "socialnetwork", StandardScopes.OfflineAccess, StandardScopes.OpenId, StandardScopes.OfflineAccess }
Why am I getting this error? Is this related to flow or something else.
1 answers
solution1
2 ACCPTED 2019-02-22 12:20:51
Set AllowOfflineAccess property to true in the client config as opposed to adding it to AllowedScopes :
new Client
{
ClientId = "socialnetwork",
ClientName = "SocialNetwork",
ClientSecrets = new [] { new Secret("secret".Sha256()) },
//Flow = Flows.ResourceOwner,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes = new [] { "socialnetwork",StandardScopes.OpenId },
Enabled = true,
AllowOfflineAccess = true
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.