程序员经验分享-hwhale

Oauth2 与 Postman 和 IdentityServer4

2024-01-11

我正在尝试在我的 Identity Server 4 上使用 Postman 进行身份验证。它适用于 .Net Code 2,但我最近更新到 .Net Core 3 并进行了调整。我可以打开登录页面,可以登录,但无法正确重定向。停留在登录页面上,每次单击“登录”时,我都会在登录页面上循环。

首先这是我的邮递员设置

当我单击请求令牌时,我会看到此页面

所以我的登录名和密码是正确的,但我一直在这个页面上循环。

这是我的代码:

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;

namespace Oyg.IdentityServer
{
    public class Startup
    {
        public IWebHostEnvironment Environment { get; }

        public Startup(IWebHostEnvironment environment)
        {
            Environment = environment;
        }

        public void ConfigureServices(IServiceCollection services)
        {
            // uncomment, if you want to add an MVC-based UI
            services.AddControllersWithViews();

            var builder = services.AddIdentityServer()
                .AddInMemoryIdentityResources(Config.GetIdentityResources())
                .AddInMemoryApiResources(Config.GetApiResources())
                .AddInMemoryClients(Config.GetClients())
                .AddDeveloperSigningCredential(persistKey: false)
                .AddTestUsers(Config.GetUsers());

            // not recommended for production - you need to store your key material somewhere secure
            builder.AddDeveloperSigningCredential();
        }

        public void Configure(IApplicationBuilder app)
        {
            if (Environment.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            // uncomment if you want to add MVC
            app.UseStaticFiles();
            app.UseRouting();

            app.UseIdentityServer();

            // uncomment, if you want to add MVC
            app.UseAuthorization();
            app.UseEndpoints(endpoints =>
            {
                endpoints.MapDefaultControllerRoute();
            });
        }
    }
}

我也给你我的部分配置

public static IEnumerable<Client> GetClients()
        {
            return new List<Client>()
            {
                new Client
                {
                    ClientName = "Postman", //_configuration.GetSection("PostmanClient").GetValue<string>("ClientName"),
                    ClientId = "f26ee5d6-****.local.app", //_configuration.GetSection("PostmanClient").GetValue<string>("ClientId"),
                    AllowedGrantTypes = GrantTypes.Code,
                    AllowOfflineAccess = true,
                    IdentityTokenLifetime = 60 * 60 * 24,
                    AccessTokenLifetime = 60 * 60 * 24,
                    RedirectUris = new List<string>()
                    {
                        "https://www.getpostman.com/oauth2/callback"
                    },
                    PostLogoutRedirectUris = new List<string>()
                    {
                        "https://www.getpostman.com"
                    },
                    AllowedCorsOrigins = new List<string>()
                    {
                        "https://www.getpostman.com"
                    },
                    AllowedScopes =
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "api",
                        "roles"
                    },
                    ClientSecrets = new List<Secret>
                    {
                        new Secret("123456".Sha256())
                    },
                    AllowAccessTokensViaBrowser = true,
                    RequireConsent = false,
                    EnableLocalLogin = true,
                    Enabled = true
                }
             };

        }

我也可以给你这个

{
"issuer": "https://localhost:44367",
"jwks_uri": "https://localhost:44367/.well-known/openid-configuration/jwks",
"authorization_endpoint": "https://localhost:44367/connect/authorize",
"token_endpoint": "https://localhost:44367/connect/token",
"userinfo_endpoint": "https://localhost:44367/connect/userinfo",
"end_session_endpoint": "https://localhost:44367/connect/endsession",
"check_session_iframe": "https://localhost:44367/connect/checksession",
"revocation_endpoint": "https://localhost:44367/connect/revocation",
"introspection_endpoint": "https://localhost:44367/connect/introspect",
"device_authorization_endpoint": "https://localhost:44367/connect/deviceauthorization",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true,
"backchannel_logout_supported": true,
"backchannel_logout_session_supported": true,
"scopes_supported": [
"openid",
"profile",
"roles",
"oygapi",
"offline_access"
],
"claims_supported": [
"sub",
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at",
"role"
],
"grant_types_supported": [
"authorization_code",
"client_credentials",
"refresh_token",
"implicit",
"password",
"urn:ietf:params:oauth:grant-type:device_code"
],
"response_types_supported": [
"code",
"token",
"id_token",
"id_token token",
"code id_token",
"code token",
"code id_token token"
],
"response_modes_supported": [
"form_post",
"query",
"fragment"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"subject_types_supported": [
"public"
],
"code_challenge_methods_supported": [
"plain",
"S256"
],
"request_parameter_supported": true
}

日志要求:

[09:22:07 Information]
Starting host...

[09:22:13 Information] IdentityServer4.Startup
Starting IdentityServer4 version 3.0.1.0

[09:22:13 Information] IdentityServer4.Startup
You are using the in-memory version of the persisted grant store. This will store consent decisions, authorization codes, refresh and reference tokens in memory only. If you are using any of those features in production, you want to switch to a different store implementation.

[09:22:13 Information] IdentityServer4.Startup
Using the default authentication scheme idsrv for IdentityServer

[09:22:13 Debug] IdentityServer4.Startup
Using idsrv as default ASP.NET Core scheme for authentication

[09:22:13 Debug] IdentityServer4.Startup
Using idsrv as default ASP.NET Core scheme for sign-in

[09:22:13 Debug] IdentityServer4.Startup
Using idsrv as default ASP.NET Core scheme for sign-out

[09:22:13 Debug] IdentityServer4.Startup
Using idsrv as default ASP.NET Core scheme for challenge

[09:22:13 Debug] IdentityServer4.Startup
Using idsrv as default ASP.NET Core scheme for forbid

[09:22:15 Debug] IdentityServer4.Startup
Login Url: /Account/Login

[09:22:15 Debug] IdentityServer4.Startup
Login Return Url Parameter: ReturnUrl

[09:22:15 Debug] IdentityServer4.Startup
Logout Url: /Account/Logout

[09:22:15 Debug] IdentityServer4.Startup
ConsentUrl Url: /consent

[09:22:15 Debug] IdentityServer4.Startup
Consent Return Url Parameter: returnUrl

[09:22:15 Debug] IdentityServer4.Startup
Error Url: /home/error

[09:22:15 Debug] IdentityServer4.Startup
Error Id Parameter: errorId

[09:22:15 Debug] IdentityServer4.Hosting.EndpointRouter
Request path /.well-known/openid-configuration matched to endpoint type Discovery

[09:22:15 Debug] IdentityServer4.Hosting.EndpointRouter
Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryEndpoint

[09:22:15 Information] IdentityServer4.Hosting.IdentityServerMiddleware
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryEndpoint for /.well-known/openid-configuration

[09:22:15 Debug] IdentityServer4.Endpoints.DiscoveryEndpoint
Start discovery request

[09:22:29 Debug] IdentityServer4.Hosting.EndpointRouter
Request path /connect/authorize matched to endpoint type Authorize

[09:22:29 Debug] IdentityServer4.Hosting.EndpointRouter
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint

[09:22:29 Information] IdentityServer4.Hosting.IdentityServerMiddleware
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize

[09:22:29 Debug] IdentityServer4.Endpoints.AuthorizeEndpoint
Start authorize request

[09:22:30 Debug] IdentityServer4.Endpoints.AuthorizeEndpoint
No user present in authorize request

[09:22:30 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation

[09:22:30 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:30 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Checking for PKCE parameters

[09:22:30 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
No PKCE used.

[09:22:30 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator

[09:22:30 Debug] IdentityServer4.Endpoints.AuthorizeEndpoint
ValidatedAuthorizeRequest
{"ClientId": "f26ee5d6-de33-4375-bc79-54550efa43d9.local.app", "ClientName": "Postman", "RedirectUri": "https://www.getpostman.com/oauth2/callback", "AllowedRedirectUris": ["https://www.getpostman.com/oauth2/callback"], "SubjectId": "anonymous", "ResponseType": "code", "ResponseMode": "query", "GrantType": "authorization_code", "RequestedScopes": "openid profile", "State": null, "UiLocales": null, "Nonce": null, "AuthenticationContextReferenceClasses": null, "DisplayMode": null, "PromptMode": null, "MaxAge": null, "LoginHint": null, "SessionId": null, "Raw": {"response_type": "code", "state": "", "client_id": "f26ee5d6-de33-4375-bc79-54550efa43d9.local.app", "scope": "openid profile", "redirect_uri": "https://www.getpostman.com/oauth2/callback"}, "$type": "AuthorizeRequestValidationLog"}

[09:22:30 Information] IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator
Showing login: User is not authenticated

[09:22:30 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation

[09:22:30 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:30 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Checking for PKCE parameters

[09:22:30 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
No PKCE used.

[09:22:30 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator

[09:22:30 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:39 Debug] IdentityServer4.Hosting.CorsPolicyProvider
CORS request made for path: /Account/Login from origin: null but was ignored because path was not for an allowed IdentityServer CORS endpoint

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation

[09:22:39 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Checking for PKCE parameters

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
No PKCE used.

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator

[09:22:39 Debug] IdentityServer4.Hosting.IdentityServerAuthenticationService
Augmenting SignInContext

[09:22:39 Debug] IdentityServer4.Hosting.IdentityServerAuthenticationService
Adding idp claim with value: local

[09:22:39 Debug] IdentityServer4.Hosting.IdentityServerAuthenticationService
Adding amr claim with value: pwd

[09:22:39 Information] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv signed in.

[09:22:39 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:39 Debug] IdentityServer4.Hosting.EndpointRouter
Request path /connect/authorize/callback matched to endpoint type Authorize

[09:22:39 Debug] IdentityServer4.Hosting.EndpointRouter
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint

[09:22:39 Information] IdentityServer4.Hosting.IdentityServerMiddleware
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint for /connect/authorize/callback

[09:22:39 Debug] IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
Start authorize callback request

[09:22:39 Debug] IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
No user present in authorize request

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation

[09:22:39 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Checking for PKCE parameters

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
No PKCE used.

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator

[09:22:39 Debug] IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
ValidatedAuthorizeRequest
{"ClientId": "f26ee5d6-de33-4375-bc79-54550efa43d9.local.app", "ClientName": "Postman", "RedirectUri": "https://www.getpostman.com/oauth2/callback", "AllowedRedirectUris": ["https://www.getpostman.com/oauth2/callback"], "SubjectId": "anonymous", "ResponseType": "code", "ResponseMode": "query", "GrantType": "authorization_code", "RequestedScopes": "openid profile", "State": null, "UiLocales": null, "Nonce": null, "AuthenticationContextReferenceClasses": null, "DisplayMode": null, "PromptMode": null, "MaxAge": null, "LoginHint": null, "SessionId": null, "Raw": {"response_type": "code", "state": "", "client_id": "f26ee5d6-de33-4375-bc79-54550efa43d9.local.app", "scope": "openid profile", "redirect_uri": "https://www.getpostman.com/oauth2/callback"}, "$type": "AuthorizeRequestValidationLog"}

[09:22:39 Information] IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator
Showing login: User is not authenticated

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation

[09:22:39 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Checking for PKCE parameters

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
No PKCE used.

[09:22:39 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator

[09:22:39 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:46 Debug] IdentityServer4.Hosting.CorsPolicyProvider
CORS request made for path: /Account/Login from origin: null but was ignored because path was not for an allowed IdentityServer CORS endpoint

[09:22:46 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation

[09:22:46 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:46 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Checking for PKCE parameters

[09:22:46 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
No PKCE used.

[09:22:46 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator

[09:22:46 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation

[09:22:46 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

[09:22:46 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Checking for PKCE parameters

[09:22:46 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
No PKCE used.

[09:22:46 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator

[09:22:46 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client f26ee5d6-de33-4375-bc79-54550efa43d9.local.app succeeded.

None

本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)

oauth20

postman

IdentityServer4

aspnetcore30

netcore30

Oauth2 与 Postman 和 IdentityServer4 的相关文章

随机推荐

  • Gson用不同的数据解析相同的密钥

    如何解析服务器接收到的包含不同键值的数据 location id 1 id 2 and location id 1 不确定如何处理以下对象 public class UserLocation SerializedName location

  • 要求关联类型可以在 @convention(c) 块中表示

    我想要一种通用的方法来做类似 Swift 3 的事情 public protocol Callable associatedtype In CVarArg associatedtype Out CVarArg public struct I

  • 如何让 Twitter 引导日期选择器与 Meteor 一起使用?

    我宁愿使用 Bootstrap 的 Meteor 包实现 而不是文件较少的版本 但我很难让日期选择器工作 似乎有处于不同状态的三个版本 最后一个版本由 Aymkdn 编译并准备就绪 http www eyecon ro bootstrap

  • 如何将 JSON 数据加载到 A-Frame 组件中?

    将自定义 JSON 文件作为数据加载到 A 框架组件中的最佳方法是什么 例如 JSON 文件可能包含点的坐标 我想将文件作为资产加载并在组件中使用解析后的 json 对象 coordinates x 0 y 1 z 2 You can 在架

  • XSL:有没有一种简单的方法可以防止寡妇?

    我本来希望打电话

  • Android Studio 错误:无法解析 Xml 中的符号

    我正在关注 google Android Studio 第一个 Android 应用程序教程 但是当我尝试向我的应用程序添加搜索栏时 我现在遇到了 3 个奇怪的错误 我现在就在这里 就像教程一样添加了 XML 代码 http develop

  • 在随机坐标数组中使用 CollideRect

    现在 我的游戏正确地将所有图像传输到随机位置 并且也正确获取图像的矩形 但我不知道如何使用 colliderect 来确保图像不重叠 它如何适用于我的代码 另外 我试图让第一个文本淡出 但我不知道为什么它对我不起作用 这是代码 class

  • 在 Angular2 应用程序中运行 ng 服务时出现错误“无法读取未定义的属性‘长度’”

    使用 angular cli 命令 ng serve 运行 angular2 应用程序时 我遇到以下问题 电子邮件受保护 cdn cgi l email protection启动 C Users padmavathi Downloads p

  • 如何向 AVPlayerViewController 添加自定义按钮?

    有没有什么方法可以将 向后 前进跳过 30 分钟 按钮添加到子类 AVPlayerViewController 中 使其看起来像原生的 就像播放 暂停按钮一样 实际上没有 好的 方法可以做到这一点 Apple 保持 AVPlayerView

  • 为什么切片值有时会过时但永远不会映射值?

    我发现切片映射函数和通道经常被一起提到参考类型 但是我注意到切片某些东西没有表现出任何参考行为 就像它们可能会变得陈旧一样 var s int must update slice value s append s or must use p

  • iOS LinkedIn 身份验证

    我开始使用 Swift 开发 iOS 应用程序 现在我需要创建一个登录系统 然而 我们需要人们提供的 LinkedIn 信息 如何在 iOS 中使用 OAuth2 API 来实现此目的 我已经在 LinkedIn 开发人员区域创建了一个应用

  • 如果集合中已存在临时元素,是否允许“[unordered_]set::emplace()”不构造临时元素?

    这个答案 https stackoverflow com a 77245073 2752075指出了一些有趣的事情 一个天真的实现std unordered set

  • 参数中的 Java“new”关键字

    最近我研究了很多 OOP 设计模式 遇到了一些以前从未见过的奇怪的事情 Button button new Button shell SWT PUSH button addSelectionListener new SelectionAda

  • 跨平台改变java进程优先级的方法

    我需要在单独的 JVM 中与另一个 java 应用程序调用 jar 文件 它非常消耗 CPU 因此它应该以后台优先级运行 以免影响系统的其余部分 有没有跨平台的方法来做到这一点 简单的答案是 没有可移植的方法来更改 Java 中进程的优先级

  • 无法解析方法,为什么?

    方法setDateListener DateListener dl 无法解决 它是公共的 我在包含该方法的 DatePickerFragment java 类的对象上使用它 这里是onCreateView 片段中的方法setDateList

  • C++ 刷新缓冲区

    我知道这里有很多缓冲区问题 但我似乎找不到明确的答案 std cout lt lt write to screen lt lt std endl 我知道这段代码会因为 endl 而写入屏幕并刷新缓冲区 但如果我这样写 std cout lt

  • 如何创建参数化 SQL 查询?我为什么要?

    我听说 每个人 都在使用参数化 SQL 查询来防止 SQL 注入攻击 而不必验证每一条用户输入 你怎么做到这一点 使用存储过程时会自动获取此信息吗 所以我的理解这是非参数化的 cmdText String Format SELECT foo

  • Function 对象是否必要

    创建如下函数是常见且容易的 var f function alert something 那么为什么会有函数对象 like var f new Function alert something 后者很难写 读 我只能想到一种情况 即有人在网

  • Ant在表单中设计DatePicker

    我在用着DatePicker组件来自antd在表单内并想要更改默认值onChange and value中的道具数DatePicker但它不起作用

  • Oauth2 与 Postman 和 IdentityServer4

    我正在尝试在我的 Identity Server 4 上使用 Postman 进行身份验证 它适用于 Net Code 2 但我最近更新到 Net Core 3 并进行了调整 我可以打开登录页面 可以登录 但无法正确重定向 停留在登录页面上

热门标签