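I am trying to integrate the Ocelot API gateway with ID4. According to the Ocelot documentation, we can validate tokens against an external identity server at https://whereyouridentityserverlives.com. For now, I have put the identity server and the gateway in the same docker compose file: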
    services:
      gateway:
        image: ${DOCKER_REGISTRY}gateway
        build:
          context: .
          dockerfile: GateWay/Dockerfile
        depends_on:
          - identityserver
        links:
          - identityserver
        networks:
          - api_backend
      identityserver:
        image: ${DOCKER_REGISTRY}identityserver:dev
        networks:
          - api_backend
    networks:
      api_backend:
        driver: "bridge"
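In my gateway, I am configuring:

    ConfigureServices(s => {
        s.AddAuthentication()
            .AddIdentityServerAuthentication("TestKey", o =>
            {
                // The discovery document is fetched from
                // <Authority>/.well-known/openid-configuration
                o.Authority = "https://identityserver";
                o.ApiName = "api1";
                o.SupportedTokens = SupportedTokens.Both;
            });
    })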
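Everything runs fine, but now at token validation I get an error: No such device or address.
Most likely, the gateway server cannot connect to ID4 and therefore cannot fetch the discovery document.
Relevant part of the log file: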
Request starting HTTP/1.1 GET https://localhost:44326/b
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET https://localhost:44326/b
Ocelot.Errors.Middleware.ExceptionHandlerMiddleware:Debug: requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: ocelot pipeline started
dbug: Ocelot.Errors.Middleware.ExceptionHandlerMiddleware[0]
requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: ocelot pipeline started
Ocelot.DownstreamRouteFinder.Middleware.DownstreamRouteFinderMiddleware:Debug: requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: Upstream url path is /b
Ocelot.DownstreamRouteFinder.Middleware.DownstreamRouteFinderMiddleware:Debug: requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: downstream templates are /api/values
dbug: Ocelot.DownstreamRouteFinder.Middleware.DownstreamRouteFinderMiddleware[0]
requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: Upstream url path is /b
dbug: Ocelot.DownstreamRouteFinder.Middleware.DownstreamRouteFinderMiddleware[0]
requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: downstream templates are /api/values
info: Ocelot.RateLimit.Middleware.ClientRateLimitMiddleware[0]
requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: EndpointRateLimiting is not enabled for /api/values
Ocelot.RateLimit.Middleware.ClientRateLimitMiddleware:Information: requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: EndpointRateLimiting is not enabled for /api/values
info: Ocelot.Authentication.Middleware.AuthenticationMiddleware[0]
requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: /b is an authenticated route. AuthenticationMiddleware checking if client is authenticated
Ocelot.Authentication.Middleware.AuthenticationMiddleware:Information: requestId: 0HLF9AEP1C9GQ:00000001, previousRequestId: no previous request id, message: /b is an authenticated route. AuthenticationMiddleware checking if client is authenticated
The thread 422 has exited with code 0 (0x0).
The thread 435 has exited with code 0 (0x0).
fail: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[3]
Exception occurred while processing message.
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII is hidden by default. Set the 'ShowPII' flag in IdentityModelEventSource.cs to true to reveal it.]'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII is hidden by default. Set the 'ShowPII' flag in IdentityModelEventSource.cs to true to reveal it.]'. ---> System.Net.Http.HttpRequestException: No such device or address ---> System.Net.Sockets.SocketException: No such device or address
at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
--- End of inner exception stack trace ---
at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask`1 creationTask)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
What am I missing?
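
The JwtBearerHandler failure in the log above nests four exceptions with `--->`, and the innermost one names the layer that actually failed while the authority URL itself is redacted. The following is an added example, not part of the original post: a small parser that unwinds that chain. The sample line is constructed from the log (redaction text shortened), and the type-to-layer mapping is an assumption made for illustration.

```python
import re

# Constructed sample: the JwtBearerHandler failure line from the log, with the
# redaction placeholder shortened.
SAMPLE = (
    "System.InvalidOperationException: IDX20803: Unable to obtain configuration "
    "from: '[PII is hidden by default.]'. ---> System.IO.IOException: IDX20804: "
    "Unable to retrieve document from: '[PII is hidden by default.]'. ---> "
    "System.Net.Http.HttpRequestException: No such device or address ---> "
    "System.Net.Sockets.SocketException: No such device or address"
)

LINK = re.compile(r"^(?P<type>[\w.`]+Exception): (?P<msg>.*)$", re.S)

# Assumed mapping (not from the page): innermost exception type -> failing layer.
LAYER = {
    "System.Net.Sockets.SocketException":
        "network: name resolution or TCP connect to the authority host failed",
    "System.Security.Authentication.AuthenticationException":
        "tls: handshake or certificate validation with the authority failed",
}


def exception_chain(line):
    """Split .NET 'outer ---> inner' text into (type, message) pairs, outermost first."""
    chain = []
    for part in line.split(" ---> "):
        m = LINK.match(part.strip())
        if m:
            chain.append((m.group("type"), m.group("msg").strip()))
    return chain


def diagnose(line):
    """Summarise a metadata-retrieval failure by its innermost cause."""
    chain = exception_chain(line)
    if not chain:
        return None
    root_type, root_msg = chain[-1]
    return {
        "idx_codes": re.findall(r"IDX\d{5}", line),
        "root_type": root_type,
        "root_message": root_msg,
        "layer": LAYER.get(root_type, "unknown"),
        "url_redacted": "PII is hidden" in line,
    }


if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

On the sample, the root cause is the `SocketException`, so the failure happened before any TLS handshake or HTTP response from the identity server.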