在客户端应用程序中使用OpenIdConnect的Invalid_client [英] Invalid_client using OpenIdConnect in client application
问题描述
我有一个运行ASP.NET Identity的IdentityServer4应用程序.我想使用它,以便来自其他应用程序的用户可以通过我的远程身份服务器登录.
I have an IdentityServer4 application running with ASP.NET Identity. I want to use that so users from another application can login through my remote identity server.
我已在身份服务器中为客户端应用程序配置了以下设置(仅显示相关设置):
I have configured a client application in identity server with the following settings (showing only relevant settings):
ClientId: mvc
ProtocolType: oidc
ClientSecret: K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=
(URLs to client app)
RedirectUri: https://localhost:44313/signin-oidc
PostLogoutRedirectUri: https://localhost:44313/signout-callback-oidc
GrantType: Hybrid
我的客户端应用程序(服务器端Blazor应用程序)在Startup.cs
中配置了以下设置.
My client application (server side Blazor app) has the following settings configured in Startup.cs
.
// Add authentication
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
options.RequireHttpsMetadata = false;
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.Authority = "http://localhost:5000/"; // local identity server url
options.ClientId = "mvc";
options.ClientSecret = "K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=";
options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("profile openid web_api");
});
启动客户端应用程序后,我将重定向到我的IdentityServer登录页面.然后,我可以使用用户名和密码登录.登录后,我将被重定向回我的客户端应用程序https://localhost:44313/signin-oidc
.
When I start my client app, I then get redirect to my IdentityServer login page. I can then login with a username and password. When I login I then get redirected back to my client application https://localhost:44313/signin-oidc
.
但随后在该页面上出现以下错误:
But then I get the following error on that page:
OpenIdConnectProtocolException:消息包含错误: 'invalid_client',错误说明:'error_description为空', error_uri:"error_uri为空".
OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'error_description is null', error_uri: 'error_uri is null'.
在我看来,我使用的是正确的ClientId
?
To me it looks like I am using the correct ClientId
?
我做错了什么?
推荐答案
ClientSecret 应该包含未加密的值.看看文档
ClientSecret should contain the unencrypted value. Take a look at the documentation.
在您的情况下秘密.
options.ClientSecret = "secret";
我没有进一步看,所以如果此更改不能解决问题,请告诉我.
I didn't look further, so if this change doesn't solve it then please let me know.
这篇关于在客户端应用程序中使用OpenIdConnect的Invalid_client的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!