我目前正在评估 AppAuth ( https://appauth.io/ ) 以在本机移动应用程序中与当前使用 IdentityServer3 的 STS 一起使用。我已经像这样配置了一个客户端:
new IdentityServer3.Core.Models.Client
{
Enabled = true,
ClientId = "app",
ClientName = "app",
ClientUri = "app:/",
Flow = Flows.AuthorizationCodeWithProofKey,
RequireConsent = false,
RequireSignOutPrompt = false,
SlidingRefreshTokenLifetime = 28800,
AllowAccessTokensViaBrowser = true,
RedirectUris = new List<string>
{
"app:/signin"
},
PostLogoutRedirectUris = new List<string>
{
"app:/signout"
},
AllowedScopes = new List<string>
{
StandardScopes.OpenId.Name.Name,
StandardScopes.Email.Name.Name,
StandardScopes.Profile.Name.Name,
StandardScopes.Roles.Name.Name,
StandardScopes.OfflineAccess.Name,
}
}
初始授权请求成功,IdentityServer3 返回授权码。现在我尝试了后续的令牌请求,这导致 HTTP 400 出现 invalid_client 错误以及 IdentityServer3 日志中的以下消息:
2018-04-17 10:16:38.324 +02:00 [Information] Start token request
2018-04-17 10:16:38.324 +02:00 [Debug] Start client validation
2018-04-17 10:16:38.324 +02:00 [Debug] Start parsing Basic Authentication secret
2018-04-17 10:16:38.324 +02:00 [Debug] Start parsing for secret in post body
2018-04-17 10:16:38.324 +02:00 [Debug] No secret in post body found
2018-04-17 10:16:38.324 +02:00 [Debug] Start parsing for X.509 certificate
2018-04-17 10:16:38.324 +02:00 [Debug] X.509 certificate not found.
2018-04-17 10:16:38.324 +02:00 [Information] Parser found no secret
2018-04-17 10:16:38.324 +02:00 [Information] No client secret found
2018-04-17 10:16:38.324 +02:00 [Information] End token request
2018-04-17 10:16:38.324 +02:00 [Information] Returning error: invalid_client
我是否理解错误或为什么 IdentityServer3 不返回访问令牌?