6

我目前在使用 swagger 授权对身份服务器 4 的 api 调用时遇到问题。
我的 swagger 依赖项是在身份服务器 4 中使用 swashbuckle version -beta 客户端对象看起来像

new Client
{
    ClientId="swagger",
    Enabled = true,
    ClientName="Swagger",
    AllowedGrantTypes = GrantTypes.Implicit,
    ClientSecrets = new List<Secret>
    {
        new Secret("secret".Sha256())
    },
    AllowedScopes = new List<string>
    {
        "apil"
    },
    RedirectUris = new List<string>
    {
        "http://localhost:15138/swagger/ui/popup.html"
    },
    AllowedCorsOrigins = new List<string>
    {
        "http://localhost:15138",
        "http://localhost:15138"
    },
    AllowAccessTokensViaBrowser = true,
    AllowAccessToAllScopes= true
}

客户端对象是身份验证配置方法中的身份服务器4模型我有这个

app.UseIdentityServer();
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = new Dictionary<string, string>();
app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
    Authority = "http://localhost:15138/",
    ScopeName = "apil",
    RequireHttpsMetadata = false,

});

使用提琴手我的获取请求看起来像这样

GET /connect/authorize?state=9321480892748389&nonce=5279296493808222&client_id=swagger&redirect_uri=http%3A%2F%2Flocalhost%3A15138%2Fswagger%2Fui%2Fpopup.html&response_type=id_token%20token&scope=apil HTTP/1.1

所有必要的参数都在那里,客户端具有相应的客户端 ID,但我得到的响应是重定向到错误页面,并带有无效请求的消息。我期待一个登录页面传递凭据或类似的东西来获得授权,我想知道我做错了什么导致这种情况发生。

4

1 回答 1

8

我遇到了同样的问题,它与一些不同的事情有关。

  1. Swagger 需要配置安全定义。

  2. IdentityServerAuthentication AutomaticAuthenticate 需要为真。

  3. Swagger 的 client-id 和 client name 需要在 Startup.cs 中配置。

见下文:

public void ConfigureServices(IServiceCollection services)
{
    services.AddSwaggerGen(c => {
        c.SwaggerDoc("v1", new Info
        {
            Version = "v1",
            Title = "my api title",
            Description = "my api desc",
            TermsOfService = "None",
            Contact = new Contact { Name = "contact" }
        });

        var filePath = Path.Combine(PlatformServices.Default.Application.ApplicationBasePath, "api.xml");
        c.IncludeXmlComments(filePath);

        c.AddSecurityDefinition("oauth2", new OAuth2Scheme
        {
            Type = "oauth2",
            Flow = "implicit",
            AuthorizationUrl = "https://url",
            Scopes = new Dictionary<string, string>
            {
                { "api-name", "my api" }
            }
        });
    });
}

public void Configure(IApplicationBuilder app, ILoggerFactory    loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    app.UseIdentity();

    app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
    {
        Authority = "https://url",
        RequireHttpsMetadata = true,
        ApiName = "api-name",
        ApiSecret = "api-secret",
        AllowedScopes = { "api-name", "openid", "email", "profile" },
        ClaimsIssuer = "https://url",
        AutomaticAuthenticate = true,
    });

    app.UseStaticFiles();
    app.UseMvc();

    // Enable middleware to serve generated Swagger as a JSON endpoint
    app.UseSwagger();

    // Enable middleware to serve swagger-ui assets (HTML, JS, CSS etc.)
    app.UseSwaggerUi(c =>
    {
        c.ConfigureOAuth2("swagger-name", "swagger-secret", "swagger-realm", "Swagger");
    });
}
于 2017-02-18T19:41:16.020 回答