0

我正在使用 microsoft OidcClientfor oauth2.0 for google 帐户,我得到了

“用户信息端点缺少子声明”错误。”

谁能建议我是否遗漏了什么或做错了什么。

public async Task Authorize ()
{
    InitializeComponent ();

    var providerInformation = new ProviderInformation
    {
        IssuerName = "accounts.google.com",
        AuthorizeEndpoint = "https://accounts.google.com/o/oauth2/auth",
        TokenEndpoint = "https://oauth2.googleapis.com/token",
        //UserInfoEndpoint = "https://openidconnect.googleapis.com/v1/userinfo",
        UserInfoEndpoint = "https://www.googleapis.com/oauth2/v3/tokeninfo", 
        KeySet = new JsonWebKeySet()
    };

    var scope = "https://www.googleapis.com/auth/fitness.blood_glucose.read https://www.googleapis.com/auth/fitness.body.read https://www.googleapis.com/auth/fitness.activity.read https://www.googleapis.com/auth/fitness.blood_pressure.read"; https://www.googleapis.com/auth/fitness.blood_glucose.read https://www.googleapis.com/auth/fitness.body.read https://www.googleapis.com/auth/fitness.activity.read https://www.googleapis.com/auth/fitness.blood_pressure.read"; 

    var options = new OidcClientOptions
    {
        Authority = "https://accounts.google.com/o/oauth2/auth",
        ClientId = "xyz",
        Scope = scope,
        RedirectUri = "com.abc.xyzt:/oauthredirect",
        Browser = browser,
        ProviderInformation = providerInformation,
        //ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
        TokenClientCredentialStyle = IdentityModel.Client.ClientCredentialStyle.AuthorizationHeader
    };

    _client = new OidcClient(options);
    await _client.LoginAsync(new LoginRequest());
}

我收到了 6 种不同类型的索赔,但我没有得到JwtClaimTypes.Subject "sub"图书馆正在寻找的索赔。 在此处输入图像描述

谁能帮助或建议如何解决这个问题?

4

1 回答 1

1

我找到了解决方案。我提供了太多信息。而不是让库根据服务发现端点进行计算。

public async Task Authorize ()
{
            var discovery = new DiscoveryPolicy
            {
                ValidateEndpoints = false,
                Authority = "https://accounts.google.com"
            };

            OidcClientOptions oidcClientOptions = new OidcClientOptions
            {
                Authority = "https://accounts.google.com",
                ClientId = "2345678",
                Scope = "https://www.googleapis.com/auth/fitness.body.read",
                RedirectUri = "com.abc.xyz",
                Browser = IoCRegistry.Locate<IBrowser>(),
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
                Policy = new Policy
                {
                    Discovery = discovery,
                    RequireAccessTokenHash = false 
                }
            };

           var _client = new OidcClient(oidcClientOptions);
           var result = await _client.LoginAsync(new LoginRequest());
}
于 2020-01-14T20:34:27.100 回答