Identity Server 4 ASP.NET快速入门“拒绝连接”

sauutmhj 于 2023-06-07 发布在 .NET

关注(0)|答案(2)|浏览(413)

我正在遵循Identity Server 4快速入门，尽管我一步一步地遵循它，但我遇到了一个奇怪的问题。
它说（从德语翻译）连接被目标计算机拒绝。奇怪的是，在API项目中，“我们”（我）说ValidateAudience = false，我认为这意味着令牌根本没有被验证。

// call api
var apiClient = new HttpClient();
apiClient.SetBearerToken(tokenResponse.AccessToken);

var response = await apiClient.GetAsync("https://localhost:6001/identity");
if (!response.IsSuccessStatusCode)
{
    Console.WriteLine(response.StatusCode);
}
else
{
    var content = await response.Content.ReadAsStringAsync();
    Console.WriteLine(JArray.Parse(content));
}

我真的很困惑。客户端确实得到了一个accessToken，所以这不是问题所在...希望如此
Github-Repo

Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token

[16:15:42 Debug] IdentityServer4.Endpoints.TokenEndpoint
Start token request.

[16:15:42 Debug] IdentityServer4.Validation.ClientSecretValidator
Start client validation

[16:15:42 Debug] IdentityServer4.Validation.BasicAuthenticationSecretParser
Start parsing Basic Authentication secret

[16:15:42 Debug] IdentityServer4.Validation.PostBodySecretParser
Start parsing for secret in post body

[16:15:42 Debug] IdentityServer4.Validation.ISecretsListParser
Parser found secret: PostBodySecretParser

[16:15:42 Debug] IdentityServer4.Validation.ISecretsListParser
Secret id found: client

[16:15:42 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client client succeeded.

[16:15:42 Debug] IdentityServer4.Validation.ISecretsListValidator
Secret validator success: HashedSharedSecretValidator

[16:15:42 Debug] IdentityServer4.Validation.ClientSecretValidator
Client validation success

[16:15:42 Debug] IdentityServer4.Validation.TokenRequestValidator
Start token request validation

[16:15:42 Debug] IdentityServer4.Validation.TokenRequestValidator
Start client credentials token request validation

[16:15:42 Debug] IdentityServer4.Validation.TokenRequestValidator
client credentials token request validation success

[16:15:42 Information] IdentityServer4.Validation.TokenRequestValidator
Token request validation success, {"ClientId": "client", "ClientName": null, "GrantType": "client_credentials", "Scopes": "api1", "AuthorizationCode": null, "RefreshToken": null, "UserName": null, "AuthenticationContextReferenceClasses": null, "Tenant": null, "IdP": null, "Raw": {"grant_type": "client_credentials", "scope": "api1", "client_id": "client", "client_secret": "***REDACTED***"}, "$type": "TokenRequestValidationLog"}

[16:15:42 Debug] IdentityServer4.Services.DefaultClaimsService
Getting claims for access token for client: client

[16:15:42 Debug] IdentityServer4.Endpoints.TokenEndpoint
Token request success.

asp.net

来源：https://stackoverflow.com/questions/63662353/identity-server-4-asp-net-quickstart-refused-connection

2条答案

按热度按时间

czfnxgou1#

我认为设置ValidateAudience = false只会忽略受众声明，但仍然验证令牌中的其他内容。
您可以将IncludeErrorDetails属性设置为true，如下所示：

.AddJwtBearer(options =>
        {

            options.Audience = "payment";
            options.Authority = "https://localhost:6001/";

            //True if token validation errors should be returned to the caller.
            options.IncludeErrorDetails = true;

当你将它设置为True时，你将在响应头中获得更多细节，比如：

HTTP/1.1 401 Unauthorized
Date: Sun, 02 Aug 2020 11:19:06 GMT
WWW-Authenticate: Bearer error="invalid_token", error_description="The signature is invalid"

为了进一步帮助您，请发布一个示例访问令牌和API配置（启动类）
请参阅本文了解更多详情。
为了补充这个答案，我写了一篇博客文章，更详细地介绍了这个主题：Troubleshooting JwtBearer authentication problems in ASP.NET Core。

赞(0）回复(0）举报 2023-06-07

z0qdvdin2#

所以在API/Properties/lauchsettings中....当生成工程时，它使用默认的sheme，并且在该sheme中，它设置端口43033或smth

赞(0）回复(0）举报 2023-06-07