小贝子编程

IdentityServer4:无法从以下位置获取配置:"{servicename}.well-known/openid-configuration"。码头工人问题



我有一个identityserver4容器(identitymanagement:5003/localhost:5003) 和一个 MVC 应用程序 (website.com:5000/localhost:5000)。

一旦两者都在 docker 中运行并且我尝试转到localhost:5000/home/login(重定向到identityserver),我收到错误

无法从"https://identitymanagement:5003/.well-known/openid-configuration"获取配置。

这是我所有不同的代码部分

MVC:登录调用 

public IActionResult Login()
{
return Challenge(new AuthenticationProperties
{
RedirectUri = "/Manage"
});
}

MVC:启动.cs

public static IServiceCollection AddCustomAuthentication(this IServiceCollection services, IConfiguration configuration)
{
var callBackUrl = configuration.GetValue<string>("logoutCallbackUrl");
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(x=>x.ExpireTimeSpan = TimeSpan.FromHours(2))
.AddOpenIdConnect(options =>
{
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.Authority = "https://identitymanagement:5003";
options.SignedOutRedirectUri = callBackUrl.ToString();
options.ClientId =  "website";
options.ClientSecret = "secret";
options.ResponseType = "code id_token";
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.RequireHttpsMetadata = false;
options.Scope.Add("openid");
options.Scope.Add("profile");

});
return services;
}
}

身份服务器启动.cs

public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

services.AddIdentity<ApplicationUser, IdentityRole>()
.AddDefaultUI(UIFramework.Bootstrap4)
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();

services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients())
.AddAspNetIdentity<ApplicationUser>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Error");
}
app.UseStaticFiles();
app.UseIdentityServer();
app.UseMvcWithDefaultRoute();
}
}

身份服务器:配置.cs

public class Config
{
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("resourceApi", "API Application")
};
}
// scopes define the resources in your system
public static IEnumerable<IdentityResource> GetIdentityResources()
{
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Profile(),
new IdentityResources.Email()
};
}
public static IEnumerable<Client> GetClients()
{
return new List<Client>
{

// OpenID Connect implicit flow client (MVC)
new Client
{
ClientId = "website",
ClientName = "Public Website",
AllowedGrantTypes = GrantTypes.Hybrid,
RequireConsent = false,
ClientSecrets =
{
new Secret("secret".Sha256())
},
RedirectUris = { "https://kryptoevents.com:5000/signin-oidc" },
PostLogoutRedirectUris = { "https://kryptoevents.com:5000/signout-callback-oidc" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
}
}
};
}
}

docker-compose.override.yml

identitymanagement:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://+:80
- ASPNETCORE_HTTPS_PORT=44378
ports:
- "60807:80"
- "5003:443"
website.com:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://+:80
- ASPNETCORE_HTTPS_PORT=44395
ports:
- "56530:80"
- "5000:443"

注意如果我不在 docker 中运行服务,而只是在 IIS 上运行它们而不是options.Authority = "https://identitymanagement:5003"; 将其更改为"https://localhost:5003"那么一切都按预期工作。

似乎docker内部存在问题,无法解决identitymanagment

我还尝试使用容器的 IP 地址而不是identitymanagement,但遇到了同样的错误。

在 docker 中运行时,对于证书,我需要做任何特殊的事情吗?

也许在你的码头工人中。Yml尝试改变

identitymanagement:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://+:80;https://+:5003
- ASPNETCORE_HTTPS_PORT=5003
ports:
- "60807:80"
- "5003:5003"
website.com:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://+:80;https://+:5000
- ASPNETCORE_HTTPS_PORT=5000
ports:
- "56530:80"
- "5000:5000"

因为在您的身份服务器配置.cs和 MVC:启动中.cs您可以设置这些指定的端口

相关内容

  • 没有找到相关文章

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium