ASP网络核心标识服务器,";颁发者在生产环境中无效"; [英] ASP Net Core IdentityServer, "The issuer is invalid" on production environment
本文介绍了ASP网络核心标识服务器,";颁发者在生产环境中无效";的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正尝试在生产环境(AWS Elasticbeanstrik服务器)上部署一个使用IdentityServer的简单asp net核心项目;我的测试项目基本上是启用了身份验证的Visual Studio 2019的React.js模板。
在开发中一切正常,但在生产中,当尝试使用JWT令牌向API进行身份验证时出现错误。
WWW-Authenticate: Bearer error="invalid_token", error_description="The issuer 'http://***.elasticbeanstalk.com' is invalid"
使用的ACCESS_TOKEN是从调用返回的
POST http://***.elasticbeanstalk.com/connect/token
奇怪的行为是以下对
的请求GET http://***.elasticbeanstalk.com/connect/userinfo
它正确地返回了用户数据,此处使用的是access_Token,所以我认为该内标识是正确的。
很遗憾,对我的API的请求失败,出现上述错误。
我的Startup.cs代码如下:
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddAuthentication()
.AddIdentityServerJwt();
services.AddControllersWithViews();
services.AddRazorPages();
// In production, the React files will be served from this directory
services.AddSpaStaticFiles(configuration =>
{
configuration.RootPath = "ClientApp/build";
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseSpaStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseIdentityServer();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
app.UseSpa(spa =>
{
spa.Options.SourcePath = "ClientApp";
if (env.IsDevelopment())
{
spa.UseReactDevelopmentServer(npmScript: "start");
}
});
}
appsetting.json文件包含以下内容:
{
"ConnectionStrings": {
"DefaultConnection": "***"
},
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"IdentityServer": {
"Clients": {
"myapp": {
"Profile": "IdentityServerSPA",
"RedirectUris": [ "/signin-oidc" ]
}
},
"Key": {
"Type": "Store",
"StoreName": "My",
"StoreLocation": "LocalMachine",
"Name": "CN=http://***.elasticbeanstalk.com"
}
},
"AllowedHosts": "*"
}
推荐答案
在启动时设置您的域地址
services.AddIdentityServer(options =>
{
options.IssuerUri = "http://***.elasticbeanstalk.com";
})
这篇关于ASP网络核心标识服务器,";颁发者在生产环境中无效";的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文