缺少"aud"字样要求访问令牌 [英] Missing "aud" claim in access token
问题描述
出于我未知的原因,"aud"字样声明不存在于访问令牌中(尽管它存在于ID令牌中).
For unknown reason to me the "aud" claim is not present in access token (it is present in id token though).
将访问令牌发送到API后,出现以下错误:
Once access token is being sent to the API i get the following error:
承载者未通过身份验证.失败消息:IDX10214:听众验证失败.观众:空".不匹配:validationParameters.ValidAudience:"productconfigurationapi"或validationParameters.ValidAudiences:空".
Bearer was not authenticated. Failure message: IDX10214: Audience validation failed. Audiences: 'empty'. Did not match: validationParameters.ValidAudience: 'productconfigurationapi' or validationParameters.ValidAudiences: 'null'.
我知道我可以关闭受众验证,然后一切正常,但是我不明白为什么听"不是访问令牌的一部分.
I know i can turn off audience validation and everything works then but i don't get why "aud" is not part of the access token.
这是我的IS4配置:
客户:
new Client
{
ClientId = "Spa",
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
AlwaysSendClientClaims = true,
AlwaysIncludeUserClaimsInIdToken = true,
AccessTokenType = AccessTokenType.Jwt,
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"productconfigurationapi"
},
RequireConsent = false
}
api资源:
new ApiResource("productconfigurationapi")
{
UserClaims =
{
JwtClaimTypes.Audience
}
}
API范围:
return new List<ApiScope>
{
new ApiScope("productconfigurationapi")
};
这是在其主机应用程序中配置IS4的方式:
and here's how IS4 is configured within its host application:
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddConfigurationStore(options =>
{
})
.AddOperationalStore(options =>
{
})
.AddAspNetIdentity<IdentityUser>()
.AddJwtBearerClientAuthentication();
推荐答案
您应通过设置Scopes属性将ApiScope绑定到ApiResource:
You should tie the ApiScope to the ApiResource by setting the Scopes property:
var api = new ApiResource("productconfigurationapi")
{
UserClaims =
{
JwtClaimTypes.Audience
},
Scopes = new List<string>
{
"productconfigurationapi"
},
};
这篇关于缺少"aud"字样要求访问令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
