用于oidc的.net核心标识服务器4身份验证处理程序
用于oidc的.net核心标识服务器4身份验证处理程序
提问于 2018-02-20 18:44:26
我在身份验证方面遇到了问题。当我尝试连接到identity server时,它抛出一个错误。当我在identity server上时,可以成功登录,但当我尝试从web应用程序连接到identity server时,会抛出以下错误。
有谁能看看我做错了什么吗?
错误:“没有配置身份验证处理程序来处理方案: oidc”
我在我的网站Startup.cs中使用了以下代码
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(options =>
{
options.DefaultScheme =
CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme =
OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.Authority = "http://localhost:5000"; // Auth Server
options.RequireHttpsMetadata = false; // only for development
options.ClientId = "mvc"; // client setup in Auth Server
options.ClientSecret = Configuration["Identity_Server:Client_Secret"].Sha256();
options.ResponseType = "code id_token"; // means Hybrid flow
options.Scope.Add("API1");
options.GetClaimsFromUserInfoEndpoint = true;
options.SaveTokens = true;
});
services.AddMvc();我在Identity Startup.cs中使用了以下内容
services.AddDbContext<DbContext>(options =>
options.UseMySQL(Configuration.GetConnectionString("MySQL")));
services.AddIdentity<ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores<DbContext>()
.AddDefaultTokenProviders();
// Add application services.
services.AddTransient<IEmailSender, EmailSender>();
var config = new Config(Configuration);
services.AddIdentityServer()
.AddDeveloperSigningCredential(filename: "tempkey.rsa")
.AddInMemoryIdentityResources(config.GetIdentityResources())
.AddInMemoryApiResources(config.GetApiResources())
.AddInMemoryClients(config.GetClients())
.AddAspNetIdentity<ApplicationUser>();
services.AddMvc();我在我的配置文件中使用了以下内容
private static IConfiguration _config;
public Config(IConfiguration configuration)
{
_config = configuration;
}
public IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientId = "mvc",
ClientName = "MVC Client",
AllowedGrantTypes = GrantTypes.Hybrid,
RequireConsent = false,
ClientSecrets =
{
new Secret(_config["secret"].Sha256())
},
RedirectUris = { "http://localhost:5002/signin-oidc" },
PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"API1"
},
AllowOfflineAccess = true
}
};
}
public IEnumerable<IdentityResource> GetIdentityResources()
{
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Profile(),
};
}
public IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>()
{
new ApiResource("API1", "Allow to Manage API1")
};
}回答 1
Stack Overflow用户
回答已采纳
发布于 2018-02-20 18:50:12
您需要如下定义的名称、挑战和处理程序:
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
})
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.SignInScheme = "Cookies";
options.Authority = "http://localhost:5000";
options.RequireHttpsMetadata = false;
options.ClientId = "mvc";
options.SaveTokens = true;
});}
http://docs.identityserver.io/en/release/quickstarts/3_interactive_login.html
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/48883412
复制相关文章
相似问题
腾讯云开发者
