第一次在这里寻求帮助,希望我能以正确的方式解释我的问题。
我有一个.NET Core 3.0 MVC应用程序正在运行,并且正在尝试向其添加Identity Server 4身份验证。我正在努力解决以下问题。
Sorry, there was an error : invalid_scope
Invalid scope
在日志中我收到此消息
[[ERR]无效范围:配置文件
[[ERR]请求验证失败
在下面的行中,当检查范围时,在信息日志中显示以下JSON对象,并且在这里看不到什么问题。
“ scope”:“ openid个人资料”,
“ RequestedScopes ::” openid个人资料“
这里是Identity Server项目的config.cs文件
public static IEnumerable<IdentityResource> Ids =>
new IdentityResource[]
{
new IdentityResources.OpenId()
};
public static IEnumerable<ApiResource> Apis =>
new ApiResource[]
{ };
public static IEnumerable<Client> Clients =>
new Client[]
{
new Client
{
ClientId = "mvc",
ClientName = "Festival MVC",
AllowedGrantTypes = GrantTypes.Implicit,
RedirectUris = { "https://127.0.0.1:44330/signin-oidc" },
PostLogoutRedirectUris = { "https://127.0.0.1:44330/signout-callback-oidc" },
AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId }
}
};
}
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
// uncomment, if you want to add an MVC-based UI
services.AddControllersWithViews();
var builder = services.AddIdentityServer()
.AddTestUsers(TestUsers.Users)
.AddInMemoryIdentityResources(Config.Ids)
.AddInMemoryApiResources(Config.Apis)
.AddInMemoryClients(Config.Clients);
// not recommended for production - you need to store your key material somewhere secure
builder.AddDeveloperSigningCredential();
}
public void Configure(IApplicationBuilder app)
{
if (Environment.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
// uncomment if you want to add MVC
app.UseStaticFiles();
app.UseRouting();
app.UseIdentityServer();
// uncomment, if you want to add MVC
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapDefaultControllerRoute();
});
}
在.NET Core MVC项目上,我在Startup.cs中配置了以下内容:>
public void ConfigureServices(IServiceCollection services) { JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); services.AddAuthentication(options => { options.DefaultScheme = "Cookies"; options.DefaultChallengeScheme = "oidc"; }) .AddCookie("Cookies") .AddOpenIdConnect("oidc", options => { options.SignInScheme = "Cookies"; options.Authority = "http://localhost:5000"; // Auth Server options.RequireHttpsMetadata = false; // only for development options.ClientId = "mvc"; // client setup in Auth Server options.SaveTokens = true; }); services.AddControllersWithViews(); services.AddDbContext<FestivalContext>(); } public void Configure(IApplicationBuilder app, IWebHostEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseExceptionHandler("/Home/Error"); app.UseHsts(); } app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseAuthentication(); app.UseRouting(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapControllerRoute( name: "default", pattern: "{controller=Home}/{action=Index}/{id?}"); }); } }如果您需要其他任何信息或代码段,请随时发布。在此先感谢您的问候,肛门!
第一次在这里寻求帮助,希望我能以正确的方式解释我的问题。我已经启动并正在运行.NET Core 3.0 MVC应用程序,并且试图向其添加Identity Server 4身份验证。 ...
客户端被配置为仅允许OpenId范围: