[英]How to Validate OpenID Connect Access Token generated by identityserver4 in ASP.NET WEB API
[英]OpenID connect between IdentityServer4 and ASP.NET MVC (.NET 4.6.2)
我在.net核心上有一個用於客戶端的IdentityServer4,但現在我想在帶有.net Framework 4.6.2的asp.net mvc上使用一個客戶端
我為OWIN找到了這個解決方案https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/Clients/MVC%20OWIN%20Client%20(Hybrid)但此代碼不起作用。
我有此客戶端配置:
new Client
{
ClientId = "mvcClient",
ClientName = "4.6.2 client",
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
ClientSecrets =
{
new Secret("secretKey".Sha256())
},
RedirectUris = {"http://localhost:52244/signin-oidc"},
PostLogoutRedirectUris = {"http://localhost:52244/signout-callback-oidc"},
AllowedScopes = new List<string>
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
},
AllowOfflineAccess = true,
RequireConsent = false,
AlwaysIncludeUserClaimsInIdToken = true,
AlwaysSendClientClaims = true
}
.net 4.6.2 mvc客戶端中的此配置:
ServicePointManager.ServerCertificateValidationCallback = (sender, cert, chain, error) => true;
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies",
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
ClientId = "AdminUiClient",
ClientSecret = "AdminSpiritSecretKey",
ResponseType = "code id_token",
SignInAsAuthenticationType = "Cookies",
Authority = "http://localhost:58506/", //IdentityServer4
AuthenticationType = "oidc",
RedirectUri = "http://localhost:52244/signin-oidc", //URL of Client website
Scope = "offline_access",
AuthenticationMode = AuthenticationMode.Active,
RequireHttpsMetadata = false,
UseTokenLifetime = false,
});
我在配置中做錯了什么?
需要更多有關此問題的信息。 乍一看,您放入客戶端的ClientId和Secret與配置中的值不匹配。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.