Identityserver3 - 客户端应用程序未知或未授权
问题描述:
我正在设置我的客户端应用程序port3g以使用IdentityServer3进行身份验证。Identityserver3 - 客户端应用程序未知或未授权
我收到错误:客户端应用程序未知或未经授权。 我想我已经正确配置了客户端和OAuth服务器客户端设置。有谁看到一个错误在任一配置
网站:PORT3G安装调试..
public void ConfigureAuth(IAppBuilder app)
{
JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
//port3g_implicit
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
ClientId = "port3g_implicit",
Authority = "http://localhost:22710", // Authorization Server
RedirectUri = "http://localhost:28037/", // Address of this website
ResponseType = "id_token token ", // Added token was not in orginal code
Scope = "openid profile offline_access read appRoles",
PostLogoutRedirectUri = "http://localhost:28037",
SignInAsAuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
}
网站:Webhost.OAuth
// BEGIN PORT3G
new Client
{
ClientId = "port3g_implicit",
ClientSecrets = new List<Secret>
{
new Secret("secret".Sha256())
},
ClientName = "Port3G",
Flow = Flows.Implicit,
AllowedScopes = new List<string>
{
Constants.StandardScopes.OpenId,
Constants.StandardScopes.Profile,Constants.StandardScopes.AllClaims ,
"read","appRoles"
},
RedirectUris = new List<string>
{
"http://localhost:28037/",
"http://localhost:28037/"
},
PostLogoutRedirectUris = new List<string>
{
"http://localhost:28037/"
},
Enabled = true
}
// END PORT3G
答
有一个在你的响应类型的后面加上一个空格
ResponseType = "id_token token ", // Added token was not in orginal code
删除它并尝试。同时删除offline_access范围
答
是否已打开IdentityServer logging?它可以在诊断这些问题方面非常有用。
在这种特定情况下,很可能是因为您要求使用隐式流不允许的offline_access。尝试从分配给范围的字符串中删除该标识符。当您打开登录,您可能会看到下面的行指示此问题:
[错误]请求不允许范围:“offline_access”