Oauth 2.0 IdentityServer 4 Invalid authorization code {"code":


I am getting Invalid authorization code {"code":"MyTestCode"}

Here is the more detailed error: Invalid authorization code {"code":"MyTestCode"}, details: {"ClientId":"AuthorizationCodeClientFlow","ClientName":"Authorization Code Client","GrantType":"authorization_code","Scopes":null,"AuthorizationCode":"MyTestCode","RefreshToken":null,"UserName":null,"AuthenticationContextReferenceClasses":null,"Tenant":null,"IdP":null,"Raw":{"grant_type":"authorization_code","code":"MyTestCode","redirect_uri":"https://localhost:5000/oauth/callback","client_id":"AuthorizationCodeClientFlow"},"$type":"TokenRequestValidationLog"}

I am testing with Postman.

This is the client, created by the following code:

            {
                ClientName = "Authorization Code Client",
                ClientId = "AuthorizationCodeClientFlow",
                AllowedGrantTypes = GrantTypes.Code,
                ClientSecrets =
                  {
                    new Secret("AuthorizationCodeClientFlowSecret".Sha512())
                  },
                AllowedScopes =
                  {
                    "all"
                  },
                RedirectUris =
                  new List<string> {
                       "https://localhost:5000/oauth/callback"
                  },
                AllowOfflineAccess = false,
                AccessTokenLifetime = 60
            };

The https://localhost:5105/oauth/authorize step works fine; I get the error at the https://localhost:5105/oauth/token step, when I validate the request like this:

            var form = (await _httpContextAccessor.HttpContext.Request.ReadFormAsync()).AsNameValueCollection();

            var validationResult = await _requestValidator.ValidateRequestAsync(form, clientResult);

            if (validationResult.IsError)
            {
                return new IdpTokenResponse
                {
                    Custom = new Dictionary<string, object>
                      {
                        { "Error", validationResult.Error },
                        { "ErrorDescription", validationResult.ErrorDescription }
                      }
                };
            }

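You need to take the authorization code that you received from the initial authentication request, and then pass that code when you get the tokens from the token endpoint.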


One unrelated thing: when you authenticate against IdentityServer, you should always ask for the openid scope; All or "" is not valid.

Adding the openid scope worked for me

Great! Please feel free to mark the answer as accepted :)
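
Why a hand-typed value such as MyTestCode is rejected at the token step, as an added example that is not part of the original thread and is not IdentityServer4 code. It is a simplified model of the token endpoint's check; the names `CodeStore`, `Issue` and `Redeem` and the five-minute lifetime are assumptions made for illustration.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;

// Simplified model of a token endpoint's authorization-code check.
// CodeStore, Issue and Redeem are hypothetical names, not IdentityServer4 APIs.
public sealed class CodeStore
{
    private sealed record Grant(string ClientId, string RedirectUri, DateTimeOffset Expires);

    private readonly ConcurrentDictionary<string, Grant> _grants = new();

    // Authorize step: the server mints the code and records what it is bound to.
    public string Issue(string clientId, string redirectUri)
    {
        string code = Convert.ToHexString(RandomNumberGenerator.GetBytes(32));
        // Assumed lifetime of five minutes, chosen only for this example.
        _grants[code] = new Grant(clientId, redirectUri, DateTimeOffset.UtcNow.AddMinutes(5));
        return code;
    }

    // Token step: returns null on success, otherwise the OAuth error to report.
    public string? Redeem(string code, string clientId, string redirectUri)
    {
        // TryRemove makes the code single-use, even when a later check fails.
        if (!_grants.TryRemove(code, out Grant? grant)) return "invalid_grant";
        if (grant.Expires < DateTimeOffset.UtcNow) return "invalid_grant";
        if (grant.ClientId != clientId || grant.RedirectUri != redirectUri) return "invalid_grant";
        return null;
    }
}

public static class Demo
{
    public static void Main()
    {
        const string client = "AuthorizationCodeClientFlow";
        const string redirect = "https://localhost:5000/oauth/callback";
        var store = new CodeStore();

        // A value typed into the test tool was never issued, so it is rejected.
        Console.WriteLine(store.Redeem("MyTestCode", client, redirect) ?? "ok");

        // A code minted by the authorize step is accepted once...
        string code = store.Issue(client, redirect);
        Console.WriteLine(store.Redeem(code, client, redirect) ?? "ok");
        // ...and rejected when replayed.
        Console.WriteLine(store.Redeem(code, client, redirect) ?? "ok");
    }
}
```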