首页 新闻 会员 周边

IdentityServer4 AuthenticationScheme: Bearer was challenged.

-1
[待解决问题]

IdentityServer4 客户端模式
成功拿到 token 了
请求接口 却返回 404 (头部有带 token 参数 )

AuthenticationScheme: Bearer was challenged.

var client = new HttpClient();

        var response = await client.RequestTokenAsync(new TokenRequest
        {
            Address = "http://localhost:5000/connect/token",
            GrantType = "client_credentials",

            ClientId = "client",
            ClientSecret = "secret",

            Parameters =
{
    { "custom_parameter", "custom value"},
    { "scope", "api1" }
}
        });
        var r = response.AccessToken;

        var client2 = new HttpClient();

        client2.SetBearerToken(r);
        var response2 = await client2.GetAsync("http://localhost:5001/WeatherForecast");

response2 返回 401

程序员编程日记的主页 程序员编程日记 | 初学一级 | 园豆:6
提问于:2019-12-06 15:33
< >
分享
所有回答(2)
-1

SetBearerToken实现是什么?

心雨纷扬 | 园豆:309 (菜鸟二级) | 2019-12-06 15:57

请求的 头部 token

支持(1) 反对(0) 程序员编程日记 | 园豆:6 (初学一级) | 2019-12-06 15:59

@心雨纷扬:
id4 https://github.com/conanl5566/dotnet-core-Example/tree/master/WebApplication25
api https://github.com/conanl5566/dotnet-core-Example/tree/master/WebApplication26

测试客户端 https://github.com/conanl5566/dotnet-core-Example/tree/master/ConsoleApp7

支持(1) 反对(0) 程序员编程日记 | 园豆:6 (初学一级) | 2019-12-06 16:32

@conan_lin: 服务器配置问题
服务器加入一下配置

services.AddIdentityServer()
.AddJwtBearerClientAuthentication()

    public static class Test
    {
        /// <summary>
        /// Adds support for client authentication using JWT bearer assertions.
        /// </summary>
        /// <param name="builder">The builder.</param>
        /// <returns></returns>
        public static IIdentityServerBuilder AddJwtBearerClientAuthentication(this IIdentityServerBuilder builder)
        {
            builder.AddSecretParser<JwtBearerClientAssertionSecretParser>();
            builder.AddSecretValidator<PrivateKeyJwtSecretValidator>();

            return builder;
        }
    }
支持(1) 反对(0) 心雨纷扬 | 园豆:309 (菜鸟二级) | 2019-12-06 17:42

东西有点多,我提交下吧

支持(0) 反对(0) 心雨纷扬 | 园豆:309 (菜鸟二级) | 2019-12-06 17:50

给你推了一个pullrequest,不过改动有点多,因为我删除了不相干的项目,你也可以看我的

https://github.com/xyfy/dotnet-core-Example/tree/Ids4

支持(0) 反对(0) 心雨纷扬 | 园豆:309 (菜鸟二级) | 2019-12-06 18:00

支持(0) 反对(0) 心雨纷扬 | 园豆:309 (菜鸟二级) | 2019-12-06 18:05
0

http://localhost:5001/WeatherForecast这个服务配置如何验证token了吗?不然肯定401啊

Timetombs | 园豆:3954 (老鸟四级) | 2019-12-06 16:42

services.AddAuthentication("Bearer")
.AddIdentityServerAuthentication(options =>
{
options.Authority = "http://localhost:5000"; //配置Identityserver的授权地址
options.RequireHttpsMetadata = false; //不需要https
options.ApiName = "a"; //api的name,需要和config的名称相同
});

[Authorize]
[ApiController]
[Route("[controller]")]
public class WeatherForecastController : ControllerBase

支持(0) 反对(0) 程序员编程日记 | 园豆:6 (初学一级) | 2019-12-06 16:44

@conan_lin: 那有具体点的错误提示吗,401看起来是token有误,或者是5001服务在验证token的时候出错了。 查下5001的在接受到api请求的详细log

支持(0) 反对(0) Timetombs | 园豆:3954 (老鸟四级) | 2019-12-06 17:02
清除回答草稿
   您需要登录以后才能回答,未注册用户请先注册