IdentityServer4 Invalid Redirect_Uri Error

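I created 3 separate projects: a web api project, a web mvc project, and an asp.net core application. I am using IdentityServer4 with asp.net core identity. I have a project solution id that contains the TestUsers information, RedirectUris = {"https://localhost:5444/signin-oidc"}, which I redirect to the project WeatherMVC. The launchsettings.json on all three files is correct, and the RedirectUris is correct too. Is there something I am doing wrong that is causing me to receive this message?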

weatherapi project

----startup.cs

namespace weatherapi
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.

        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication("Bearer")
                .AddIdentityServerAuthentication("Bearer", options =>
                {
                    options.ApiName = "weatherapi";
                    options.Authority = "https://localhost:5443";
                });

            services.AddControllers();

            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new OpenApiInfo { Title = "weatherapi", Version = "v1" });
            });
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseSwagger();
                app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "weatherapi v1"));
            }

            app.UseHttpsRedirection();

            app.UseRouting();

            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });
        }
    }
}

----launchsettings.json

{
  "$schema": "http://json.schemastore.org/launchsettings.json",
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:52575",
      "sslPort": 44354
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "launchUrl": "swagger",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "weatherapi": {
      "commandName": "Project",
      "dotnetRunMessages": "true",
      "launchBrowser": true,
      "hotReloadProfile": "aspnetcore",
      "launchUrl": "swagger",
      "applicationUrl": "https://localhost:5445;http://localhost:5002",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    }
  }
}

WeatherMVC Project

----launchsettings.json

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:65206",
      "sslPort": 44398
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "WeatherMVC": {
      "commandName": "Project",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
      "dotnetRunMessages": "true",
      "applicationUrl": "https://localhost:5444;http://localhost:5001"
    }
  }
}

These two projects are under one solution, and I run them as multiple startup projects.

In another project, named id ...

id project

----launchsettings.json

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:19916",
      "sslPort": 44341
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "id": {
      "commandName": "Project",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
      "hotReloadProfile": "aspnetcore",
      "dotnetRunMessages": "true",
      "applicationUrl": "https://localhost:5443;http://localhost:5000"
    }
  }
}

In Config.cs below, I have the code that handles the Redirect_uri

using System.Collections.Generic;
using IdentityServer4.Models;

public static class Config
{
    // IdentityResources, ApiScopes, ApiResources and Users are not shown in the post.

    public static IEnumerable<Client> Clients =>
        new[]
        {
            // m2m client credentials flow client
            new Client
            {
                ClientId = "m2m.client",
                ClientName = "Client Credentials Client",

                AllowedGrantTypes = GrantTypes.ClientCredentials,
                ClientSecrets = {new Secret("SuperSecretPassword".Sha256())},

                AllowedScopes = {"weatherapi.read", "weatherapi.write"}
            },

            // interactive client using code flow + pkce
            new Client
            {
                ClientId = "interactive",
                ClientSecrets = {new Secret("SuperSecretPassword".Sha256())},

                AllowedGrantTypes = GrantTypes.Code,

                // Allow-list of redirect URIs this client may request
                RedirectUris = {"https://localhost:5444/signin-oidc"},
                FrontChannelLogoutUri = "https://localhost:5444/signout-oidc",
                PostLogoutRedirectUris = {"https://localhost:5444/signout-callback-oidc"},

                AllowOfflineAccess = true,
                AllowedScopes = {"openid", "profile", "weatherapi.read"},
                RequirePkce = true,
                RequireConsent = true,
                AllowPlainTextPkce = false
            },
        };
}

----startup.cs

public class Startup
    {
        // This method gets called by the runtime. Use this method to add services to the container.
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddIdentityServer()
                .AddInMemoryClients(Config.Clients)
                .AddInMemoryIdentityResources(Config.IdentityResources)
                .AddInMemoryApiResources(Config.ApiResources)
                .AddInMemoryApiScopes(Config.ApiScopes)
                .AddTestUsers(Config.Users)
                .AddDeveloperSigningCredential();

            services.AddControllersWithViews();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseRouting();
            app.UseStaticFiles();
            app.UseIdentityServer();
            app.UseAuthorization();

            app.UseEndpoints(endpoints => endpoints.MapDefaultControllerRoute());
        }
    }

Update

After adding the debugger in program.cs as suggested:

public static IHostBuilder CreateHostBuilder(string[] args) =>
        Host.CreateDefaultBuilder(args)
            .ConfigureWebHostDefaults(webBuilder =>
            {
                webBuilder.UseStartup<Startup>();
            })
            .ConfigureLogging(builder =>
            {
                builder.SetMinimumLevel(LogLevel.Debug);
                builder.AddFilter("IdentityServer4", LogLevel.Debug);
            });

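I finally noticed that it is calling the redirect uri with its sslPort: 44398, which belongs to the project named WeatherMVC. See the launchsettings.json of that WeatherMVC project. I can't seem to understand why it would redirect to that URI if I did not set it to that URI.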

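WeatherApi is a client of IdentityServer; when it authenticates, it tells IdentityServer its redirect uri. IdentityServer checks its allowed redirect uris and redirects if it finds a match.

This code specifies a list of valid redirect uris, not the redirect uri.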

RedirectUris = {"https://localhost:5444/signin-oidc"},

You have both IISExpress and Kestrel settings in launchsettings.json, and I think your launchsettings.json project is just using the first setting it finds as the redirect uri.

Some possible solutions are:

Add the other uri of WeatherApi to the allowed uris, e.g.

RedirectUris = {
  "https://localhost:5444/signin-oidc", "https://localhost:44398/signin-oidc"},

You can also change Kestrel in launchsettings.json so that WeatherApi uses the same port

"applicationUrl": "https://localhost:44398;http://localhost:65206"

I think your project is based on this tutorial. That may help people follow the steps involved. It also has a link to the code.

I got the same error because I missed that the URL had been added with "http" while it needs "https". Make sure the URL you add has "https" and not "http".

public static class RedirectUrls
{
    public const string WebSigninURI = "https://localhost:44332/signin-oidc";
    public const string WebSignOutURI = "https://localhost:44332/signout-callback-oidc";
}
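
The port mismatch and the http/https mismatch described in the answers above can be checked mechanically. The following is an added example, not code from the question or the answers: it takes the WeatherMVC launch profiles and the RedirectUris value from the question and reports which launch profile produces a redirect_uri that is on the allow-list. It assumes the MVC client builds redirect_uri from the URL it is served on plus /signin-oidc, and it models the server-side check as a whole-string, case-insensitive comparison; the class and method names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;

static class RedirectUriCheck
{
    // Allow-list copied from the "interactive" client in the question's Config.cs.
    static readonly string[] Registered = { "https://localhost:5444/signin-oidc" };
    const string CallbackPath = "/signin-oidc";

    // Constructed sample: the relevant parts of the question's WeatherMVC launchsettings.json.
    const string LaunchSettings = @"{
      ""iisSettings"": { ""iisExpress"": { ""applicationUrl"": ""http://localhost:65206"", ""sslPort"": 44398 } },
      ""profiles"": {
        ""IIS Express"": { ""commandName"": ""IISExpress"" },
        ""WeatherMVC"": { ""commandName"": ""Project"",
                        ""applicationUrl"": ""https://localhost:5444;http://localhost:5001"" } } }";

    // Assumption: a redirect_uri is accepted only if the whole string equals a
    // registered entry; scheme and port are never normalised.
    static bool IsRegistered(string uri) =>
        Registered.Contains(uri, StringComparer.OrdinalIgnoreCase);

    // Base URLs the application is reachable on under one launch profile.
    static IEnumerable<string> BaseUrls(JsonElement root, JsonElement profile)
    {
        if (profile.GetProperty("commandName").GetString() == "IISExpress")
        {
            var iis = root.GetProperty("iisSettings").GetProperty("iisExpress");
            yield return iis.GetProperty("applicationUrl").GetString();
            int sslPort = iis.GetProperty("sslPort").GetInt32();
            if (sslPort != 0) yield return $"https://localhost:{sslPort}";
        }
        else if (profile.TryGetProperty("applicationUrl", out var urls))
            foreach (var u in urls.GetString().Split(';')) yield return u;
    }

    static void Main()
    {
        using var doc = JsonDocument.Parse(LaunchSettings);
        foreach (var p in doc.RootElement.GetProperty("profiles").EnumerateObject())
            foreach (var baseUrl in BaseUrls(doc.RootElement, p.Value))
            {
                var redirect = baseUrl.TrimEnd('/') + CallbackPath;
                var verdict = IsRegistered(redirect) ? "accepted" : "Invalid redirect_uri";
                Console.WriteLine($"{p.Name,-12} {redirect,-40} {verdict}");
            }
    }
}
```

Only the https URL of the WeatherMVC (Kestrel) profile is on the allow-list; the https://localhost:44398/signin-oidc value seen in the debug log comes from the IIS Express profile.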

If anyone has a similar problem with the database: check your uri in table.ClientRedirectUris
