Oauth 2.0 IdentityServer 4无效的授权代码{quot;code";:
我得到了无效的授权代码{“code”:“MyTestCode”} 下面是更详细的错误: 无效的授权代码{“代码”:“MyTestCode”},详细信息:{“ClientId”:“AuthorizationCodeClientFlow”,“ClientName”:“授权代码客户端”,“GrantType”:“授权代码”,“作用域”:null,“授权代码”:“MyTestCode”,“RefreshToken”:null,“用户名”:null,“AuthenticationContextReferenceClasses”:null,“租户”:null,“IdP”:null,“原始”:{“授权类型”:“授权代码”,“代码”:“MyTestCode”,“重定向uri”:”https://localhost:5000/oauth/callback,“客户端id”:“AuthorizationCodeClientFlow”},“$type”:“TokenRequestValidationLog”} 我在用邮递员测试 这是根据以下代码生成的客户端:Oauth 2.0 IdentityServer 4无效的授权代码{quot;code";:,oauth-2.0,identityserver4,Oauth 2.0,Identityserver4,我得到了无效的授权代码{“code”:“MyTestCode”} 下面是更详细的错误: 无效的授权代码{“代码”:“MyTestCode”},详细信息:{“ClientId”:“AuthorizationCodeClientFlow”,“ClientName”:“授权代码客户端”,“GrantType”:“授权代码”,“作用域”:null,“授权代码”:“MyTestCode”,“RefreshToken”:null,“用户名”:null,“AuthenticationContextRefere
{
ClientName = "Authorization Code Client",
ClientId = "AuthorizationCodeClientFlow",
AllowedGrantTypes = GrantTypes.Code,
ClientSecrets =
{
new Secret("AuthorizationCodeClientFlowSecret".Sha512())
},
AllowedScopes =
{
"all"
},
RedirectUris =
new List<string> {
"https://localhost:5000/oauth/callback"
},
AllowOfflineAccess = false,
AccessTokenLifetime = 60
};
{
ClientName=“授权码客户端”,
ClientId=“AuthorizationCodeClientFlow”,
AllowedGrantTypes=GrantTypes.Code,
客户秘密=
{
新机密(“AuthorizationCodeClientFlowSecret”.Sha512())
},
允许范围=
{
“全部”
},
重定向URI=
新名单{
"https://localhost:5000/oauth/callback"
},
AllowOfflineAccess=false,
AccessTokenLifetime=60
};
https://localhost:5105/oauth/authorize 很好,我有错误https://localhost:5105/oauth/token 步骤。当我这样验证请求时:
var form = (await _httpContextAccessor.HttpContext.Request.ReadFormAsync()).AsNameValueCollection();
var validationResult = await _requestValidator.ValidateRequestAsync(form, clientResult);
if (validationResult.IsError)
{
return new IdpTokenResponse
{
Custom = new Dictionary<string, object>
{
{ "Error", validationResult.Error },
{ "ErrorDescription", validationResult.ErrorDescription }
}
};
}
var form=(wait_httpContextAccessor.HttpContext.Request.ReadFormAsync()).AsNameValueCollection();
var validationResult=wait _requestValidator.validateRequestStatAsync(表单,clientResult);
if(validationResult.IsError)
{
返回新的IDPToken响应
{
自定义=新词典
{
{“Error”,validationResult.Error},
{“ErrorDescription”,validationResult.ErrorDescription}
}
};
}
您需要获取从初始身份验证请求收到的授权代码,然后在从令牌端点获取令牌时获取并传递该代码
一件不相关的事情是,当您针对IdentityServer进行身份验证时,您应该始终要求提供openid作用域,All或“”无效。添加openid作用域对meGreat起到了作用!请随时将答案标记为可接受:)