[英]How to Validate OpenID Connect Access Token generated by identityserver4 in ASP.NET WEB API
[英]OpenID connect between IdentityServer4 and ASP.NET MVC (.NET 4.6.2)
我在.net核心上有一个用于客户端的IdentityServer4,但现在我想在带有.net Framework 4.6.2的asp.net mvc上使用一个客户端
我为OWIN找到了这个解决方案https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/Clients/MVC%20OWIN%20Client%20(Hybrid)但此代码不起作用。
我有此客户端配置:
new Client
{
ClientId = "mvcClient",
ClientName = "4.6.2 client",
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
ClientSecrets =
{
new Secret("secretKey".Sha256())
},
RedirectUris = {"http://localhost:52244/signin-oidc"},
PostLogoutRedirectUris = {"http://localhost:52244/signout-callback-oidc"},
AllowedScopes = new List<string>
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
},
AllowOfflineAccess = true,
RequireConsent = false,
AlwaysIncludeUserClaimsInIdToken = true,
AlwaysSendClientClaims = true
}
.net 4.6.2 mvc客户端中的此配置:
ServicePointManager.ServerCertificateValidationCallback = (sender, cert, chain, error) => true;
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies",
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
ClientId = "AdminUiClient",
ClientSecret = "AdminSpiritSecretKey",
ResponseType = "code id_token",
SignInAsAuthenticationType = "Cookies",
Authority = "http://localhost:58506/", //IdentityServer4
AuthenticationType = "oidc",
RedirectUri = "http://localhost:52244/signin-oidc", //URL of Client website
Scope = "offline_access",
AuthenticationMode = AuthenticationMode.Active,
RequireHttpsMetadata = false,
UseTokenLifetime = false,
});
我在配置中做错了什么?
需要更多有关此问题的信息。 乍一看,您放入客户端的ClientId和Secret与配置中的值不匹配。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.