How to get access_token from Identity Server hitting token endpoint, passing credentials from react client using fetch?


Problem description

I need to get access token from Identity Server through an API call from react client (fetch). I don't want to load the login UI from Identity Server (implicit flow), enter credentials, redirect to the redirect_uri and then get the access_token from the url. I just want to pass the credentials through an API call (fetch) to Token endpoint and get the access token from react client (similar to http://docs.identityserver.io/en/release/endpoints/token.html).

The endpoint is - http://localhost/identityserver/core/connect/token

What other data should I pass to the fetch call?

Following are the response and grant types supported by ids:

response_types_supported: [ "code", "token", "id_token", "id_token token", "code id_token", "code token", "code id_token token" ], grant_types_supported: [ "authorization_code", "client_credentials", "password", "refresh_token", "implicit" ],

May I know how to achieve this using oidc-client package(https://www.npmjs.com/package/oidc-client)? Please let me know if more details are needed so that I can update the question with more information.

Recommended answer

You would need to post to the Token Endpoint using the Password grant type:

POST /connect/token

client_id=yourclientid&
client_secret=yourclientsecret&
grant_type=password&
username=yourusername&password=yourusernamespassword

This will return an Access Token not an Identity Token. If you need access to the user's information then you can obtain this from the UserInfo Endpoint.

oidc-client helps authenticating a user via the Authorize Endpoint and therefore can't help with the Token Endpoint

This is what the documentation says about the Password Grant:

The spec recommends using the resource owner password grant only for "trusted" (or legacy) applications. Generally speaking you are typically far better off using one of the interactive OpenID Connect flows when you want to authenticate a user and request access tokens.
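
An added example, not part of the original answer: one way to send the answer's password-grant request with `fetch`, building the body with `URLSearchParams` so that credentials containing `&`, `=` or `+` are form-encoded instead of corrupting the request. The endpoint URL is the one from the question; the helper names and the optional `scope` parameter (RFC 6749, section 4.3.2) are assumptions.

```javascript
// Added example: field names follow the answer's request; helper names are hypothetical.
const TOKEN_ENDPOINT = "http://localhost/identityserver/core/connect/token"; // from the question

// Build the POST request. URLSearchParams percent-encodes every value, so a
// password such as "p&ss=w rd+1" stays one field instead of splitting the body.
function buildTokenRequest({ clientId, clientSecret, username, password, scope }) {
  const form = new URLSearchParams();
  form.set("grant_type", "password");
  form.set("client_id", clientId);
  // Anything bundled into a React app, client_secret included, is readable by
  // every user of the page; only send it if the client registration requires it.
  if (clientSecret) form.set("client_secret", clientSecret);
  form.set("username", username);
  form.set("password", password);
  if (scope) form.set("scope", scope); // optional per RFC 6749, not shown on the page
  return {
    url: TOKEN_ENDPOINT,
    options: {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      body: form.toString(),
    },
  };
}

// Turn the token endpoint's JSON into a result, surfacing OAuth error codes
// (for example "invalid_grant" for wrong credentials) instead of returning undefined.
function parseTokenResponse(status, json) {
  if (status !== 200 || !json || !json.access_token) {
    throw new Error(`token request failed: ${(json && json.error) || status}`);
  }
  return {
    accessToken: json.access_token,
    tokenType: json.token_type,
    expiresIn: json.expires_in,
  };
}

// Network call: not executed on load, call it from the login handler.
async function getAccessToken(credentials) {
  const { url, options } = buildTokenRequest(credentials);
  const res = await fetch(url, options);
  return parseTokenResponse(res.status, await res.json());
}
```

Keep the returned access token in memory rather than in `localStorage`, and send it to the API as an `Authorization: Bearer` header.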
