IdentityServer4-发现文档上的子域
这就是我的设想 身份: 当访问端点时,这是我的响应IdentityServer4-发现文档上的子域,identityserver4,identitymodel,Identityserver4,Identitymodel,这就是我的设想 身份: 当访问端点时,这是我的响应 { "issuer":"http://mydomain.subdomain.com.br/", "jwks_uri":"http://mydomain.subdomain.com.br/.well-known/openid-configuration/jwks", "authorization_endpoint":"http://mydomain.subdomain.com.br/connect/authorize",
{
"issuer":"http://mydomain.subdomain.com.br/",
"jwks_uri":"http://mydomain.subdomain.com.br/.well-known/openid-configuration/jwks",
"authorization_endpoint":"http://mydomain.subdomain.com.br/connect/authorize",
"token_endpoint":"http://mydomain.subdomain.com.br/connect/token",
"userinfo_endpoint":"http://mydomain.subdomain.com.br/connect/userinfo",
"end_session_endpoint":"http://mydomain.subdomain.com.br/connect/endsession",
"check_session_iframe":"http://mydomain.subdomain.com.br/connect/checksession",
"revocation_endpoint":"http://mydomain.subdomain.com.br/connect/revocation",
"introspection_endpoint":"http://mydomain.subdomain.com.br/connect/introspect",
"device_authorization_endpoint":"http://mydomain.subdomain.com.br/connect/deviceauthorization",
"frontchannel_logout_supported":true,
"frontchannel_logout_session_supported":true,
"backchannel_logout_supported":true,
"backchannel_logout_session_supported":true,
"scopes_supported":[
"openid",
"email",
"profile"
],
"claims_supported":[
"sub",
"email_verified",
"email",
"updated_at",
"locale",
"zoneinfo",
"birthdate",
"website",
"picture",
"profile",
"preferred_username",
"nickname",
"middle_name",
"given_name",
"family_name",
"name",
"gender"
],
"grant_types_supported":[
"authorization_code",
"client_credentials",
"refresh_token",
"implicit",
"password",
"urn:ietf:params:oauth:grant-type:device_code"
],
"response_types_supported":[
"code",
"token",
"id_token",
"id_token token",
"code id_token",
"code token",
"code id_token token"
],
"response_modes_supported":[
"form_post",
"query",
"fragment"
],
"token_endpoint_auth_methods_supported":[
"client_secret_basic",
"client_secret_post"
],
"subject_types_supported":[
"public"
],
"id_token_signing_alg_values_supported":[
"RS256"
],
"code_challenge_methods_supported":[
"plain",
"S256"
],
"request_parameter_supported":true
}
两个问题:
1-为什么子域被删除
2-当用户访问SPA应用程序,然后oidc客户端重定向他(使用siginRedirect方法)登录时,找不到它的端点,因为子域再次被删除
谢谢。默认情况下,Identityserver从请求中推断出原始名称 您可以在此处阅读更多Identityserver选项-
您可以将Identityserver配置为使用自定义源
services.AddIdentityServer(options =>
{
options.PublicOrigin ="https://mydomain.subdomain.com.br/homol/identity";
})
谢谢你,firdaus kamaruddin。工作部分,地址是正确的,但我的整个流程不工作。我尝试访问SPA客户端,然后,我重定向到登录页面(此页面已被破坏,但在设置PublicOrigin起作用后),在用户放置信息后,应再次重定向到SPA,但出现错误,因为授权端点没有子域homol/identity