[英]Calling Identity Server Token EndPoint
我想從我的React App中調用IdentityServer 4的令牌端點 (在http://localhost:3000 )。 因此,在某些登錄方法中,我正在執行以下操作:
login = () => {
const userdata = {
username: 'admin',
password: 'admin',
};
const dataForBody = `${'client_id=js&'}${'grant_type=password&' +
'username='}${encodeURI(userdata.username)}&` +
`password=${encodeURI(userdata.password)}&` +
`scope=${encodeURI('api1')}`;
const messageHeaders = {
'Content-Type': 'application/x-www-form-urlencoded',
};
axios({
method: 'post',
url: 'http://localhost:5000/connect/token',
headers: messageHeaders,
data: dataForBody,
})
.then((response) => {
console.log(response);
});
}
現在,我得到以下響應:
{"error":"unauthorized_client"}
我的IdSrv設置類似於js應用程序示例。
config.cs
namespace QuickstartIdentityServer
{
public class Config
{
// scopes define the API resources in your system
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("api1", "My API")
};
}
// client want to access resources (aka scopes)
public static IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientId = "js",
ClientName = "JavaScript Client",
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
RedirectUris = { "http://localhost:3000/login" },
AllowedCorsOrigins = { "http://localhost:3000" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"api1"
}
}
};
}
public static List<TestUser> GetUsers()
{
return new List<TestUser> {
new TestUser {
SubjectId = "1", Username = "admin", Password = "admin"
},
};
}
}
}
startup.cs
namespace QuickstartIdentityServer
{
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
// configure identity server with in-memory stores, keys, clients and scopes
services.AddIdentityServer()
.AddTemporarySigningCredential()
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients())
.AddTestUsers(Config.GetUsers());
}
public void Configure(IApplicationBuilder app, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(LogLevel.Debug);
app.UseDeveloperExceptionPage();
app.UseIdentityServer();
}
}
}
我想念什么嗎?
問題出在客戶端定義中:
AllowedGrantTypes = GrantTypes.Implicit,
是不正確的。 我們必須使用:
AllowedGrantTypes = ResourceOwnerPassword
出現的直接問題是,您正在嘗試通過將用戶名和密碼作為URL參數傳遞來對令牌服務進行身份驗證。 客戶端的用戶名和密碼應使用標准的基本授權標頭傳遞:
Authorization: Basic Base64Encode(myusername:mypassword)
對於本示例,最終結果將如下所示:
Authorization: Basic bXl1c2VybmFtZTpteXBhc3N3b3Jk
Identity Server 4,API未經授權調用內省端點
[英]Identity Server 4, API unauthorized to call introspection endpoint
Identity Server 3-具有滑動令牌到期的JavaScript資源所有者流
[英]Identity Server 3 - JavaScript Resource Owner Flow with sliding token expiration
function 沒有從調用 nodejs / express 服務器端點捕獲錯誤
[英]function doesn't catch error from calling nodejs / express server endpoint
Pubnub function xhr 模塊多次調用服務器端點(它應該只調用一次)
[英]Pubnub function xhr module is calling server endpoint multiple times ( it should call only one time )
CORS 僅在通過調用(Google 身份服務)GIS 的 google.accounts.oauth2.revoke 撤銷令牌時發出
[英]CORS issue only when revoking Token by calling (Google Identity Services) GIS's google.accounts.oauth2.revoke
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.