我正在设置我的客户端应用程序端口3g,以便使用IdentityServer3进行身份验证。
我收到错误:客户端应用程序未知或未经授权我认为我已经正确配置了客户端和OAuth服务器客户端设置。有人在任一配置中看到错误吗
网站:PORT3G StartUp。。
public void ConfigureAuth(IAppBuilder app)
{
JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
//port3g_implicit
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
ClientId = "port3g_implicit",
Authority = "http://localhost:22710", // Authorization Server
RedirectUri = "http://localhost:28037/", // Address of this website
ResponseType = "id_token token ", // Added token was not in orginal code
Scope = "openid profile offline_access read appRoles",
PostLogoutRedirectUri = "http://localhost:28037",
SignInAsAuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
}
网站:Webhost.OAuth
// BEGIN PORT3G
new Client
{
ClientId = "port3g_implicit",
ClientSecrets = new List<Secret>
{
new Secret("secret".Sha256())
},
ClientName = "Port3G",
Flow = Flows.Implicit,
AllowedScopes = new List<string>
{
Constants.StandardScopes.OpenId,
Constants.StandardScopes.Profile,Constants.StandardScopes.AllClaims ,
"read","appRoles"
},
RedirectUris = new List<string>
{
"http://localhost:28037/",
"http://localhost:28037/"
},
PostLogoutRedirectUris = new List<string>
{
"http://localhost:28037/"
},
Enabled = true
}
// END PORT3G
是否打开了IdentityServer日志记录?它对诊断这类问题非常有帮助。
在这种特定情况下,可能是因为您请求offline_access,而隐式流不允许这样做。尝试从分配给作用域的字符串中删除该标识符。当你打开登录时,你可能会看到下面一行,表明这个问题:
[错误]不允许请求的范围:"offline_access"
在响应类型的末尾有一个空格
ResponseType = "id_token token ", // Added token was not in orginal code
将其删除并尝试。同时删除offline_access作用域