无法在Blazor WASM Standalone应用程序上使用Google授权登录或获取访问令牌 [英] Cannot log in or get access token with Google Authorization on Blazor WASM Standalone app

问题描述

我在使用Blazor WASM Standalone应用程序将Google OIDC用作身份提供程序时遇到问题.这是我的appsettings.json.我目前已将 ResponseType 设置为 code .这就是导致它破裂的原因.如果将其设置为 id_token ，则可以登录，但是无法在组件中获取访问令牌.

I'm having trouble logging in using Google OIDC as an identity provider with my Blazor WASM Standalone app. Here is my appsettings.json. I currently have the ResponseType set to code. This is what is causing it to break. If I set it to id_token I can log in, but then cannot get the access token in my component.

 "Local": {
    "Authority": "https://accounts.google.com/",
    "ClientId": "4....apps.googleusercontent.com",
    "PostLogoutRedirectUri": "https://localhost:44380/authentication/logout-callback",
    "RedirectUri": "https://localhost:44380/authentication/login-callback",
    "ResponseType": "code"
  }

我的组件:

@using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
@page "/projects"
@inject AuthenticationStateProvider _authenticationStateProvider
@inject IAccessTokenProvider _tokenProvider
<h3>Projects</h3>

@code {

    protected override async Task OnInitializedAsync()
    {
        var authstate = await _authenticationStateProvider.GetAuthenticationStateAsync();
        var accessTokenResult = await _tokenProvider.RequestAccessToken();
    }

}

Program.cs

Program.cs

public class Program
{
    public static async Task Main(string[] args)
    {
        var builder = WebAssemblyHostBuilder.CreateDefault(args);
        builder.RootComponents.Add<App>("#app");

        builder.Services.AddScoped(sp => new HttpClient { BaseAddress = new Uri(builder.HostEnvironment.BaseAddress) });

        builder.Services.AddOidcAuthentication(options =>
        {
            // Configure your authentication provider options here.
            // For more information, see https://aka.ms/blazor-standalone-auth
            builder.Configuration.Bind("Local", options.ProviderOptions);
            
        });

        await builder.Build().RunAsync();
    }
}

推荐答案

问题在于您为 ResponseType 设置的值.OIDC允许使用混合流和多种类型.如果您希望能够使用IAccessTokenProvider访问访问令牌，则需要在响应类型中添加 token .

The problem is with your the value you have set for the ResponseType. OIDC allows for hybrid flows and multiple types to be used. You need to add token to your response type if you want to be able to access the access token with the IAccessTokenProvider.

以下将起作用:

 "Local": {
    "Authority": "https://accounts.google.com/",
    "ClientId": "4....apps.googleusercontent.com",
    "PostLogoutRedirectUri": "https://localhost:44380/authentication/logout-callback",
    "RedirectUri": "https://localhost:44380/authentication/login-callback",
    "ResponseType": "id_token token"
  }

有关此问题的更多信息，请查看以下答案: OpenIDConnect响应类型混淆

For more info on this check out this answer: OpenIDConnect Response Type Confusion

这篇关于无法在Blazor WASM Standalone应用程序上使用Google授权登录或获取访问令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！