Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
483 views
in Technique[技术] by (71.8m points)

asp.net-core - asp.net核心中IdentityServer4中的无效客户端[重复](Invalid Client in IdentityServer4 in asp.net core [duplicate])

I'm using IdentityServer4 for authentication and I have a client as a console application.

(我正在使用IdentityServer4进行身份验证,并且有一个客户端作为控制台应用程序。)

I set the config in IdentityServer as follow:

(我在IdentityServer中将配置设置如下:)

new Client
{
    ClientId = "online.console.client",
    ClientName = "backoffice",
    AllowedGrantTypes = GrantTypes.ClientCredentials,
    ClientSecrets =
    {
        new Secret("secret".ToSha256())
    },
    AllowedScopes =
    {
        "webapi"
    }
}

And the client calling IdentityServer like here:

(客户端像下面这样调用IdentityServer:)

private static async Task<TokenResponse> RequestTokenAsync()
{
    var client = new HttpClient();

    var disco = await client.GetDiscoveryDocumentAsync("http://localhost:5001");
    if (disco.IsError)
    {
        throw new Exception(disco.Error);
    }

    var response = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
    {
        Address = disco.TokenEndpoint,

        ClientId = "online.console.client",
        Scope = "webapi",
        ClientSecret = "secret".ToSha256()
    });

    if (response.IsError)
    {
        throw new Exception(response.Error);
    }

    return response;
}

The reponse has error:

(响应有错误:)

fail: IdentityServer4.Validation.ClientSecretValidator[0]

(失败:IdentityServer4.Validation.ClientSecretValidator [0])

  Client secret validation failed for client: online.console.client. 

Where is my problem?

(我的问题在哪里?)

I guess the client has wrong config.

(我猜客户端配置错误。)

  ask by Saeid Mirzaei translate from so

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

In the client it's not required to call ToSha256 for ClientSecret.

(在客户端中,无需为ClientSecret调用ToSha256。)

You start true in server config but next do false for client.

(您在服务器配置中开始为true,但是接下来为客户端执行false。)

so all that is need to do:

(因此,所有需要做的是:)

ClientSecret =  "secret"

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...