c# - 不支持资源所有者密码凭据授予类型

Question

我在我的 Angular 5 应用程序中使用 Identity Server 4。

我是这样配置 Identity Server 的:

  public static IEnumerable<Client> GetClients()
        {
            return new List<Client>
            {
                new Client
                {
                    ClientId = "client",
                    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, 
                    AllowAccessTokensViaBrowser = true,
                    RequireClientSecret = false, 

                    AllowedScopes = {
                        "api1"
                    },

                    AllowedCorsOrigins = new List<string>
                    {
                        "http://localhost:4200"
                    } 
                }
            };
        }


    public void ConfigureServices(IServiceCollection services)
    {

        var cors = new DefaultCorsPolicyService(_loggerFactory.CreateLogger<DefaultCorsPolicyService>())
        {
            AllowedOrigins = { "http://localhost:4200" }
        };
        services.AddSingleton<ICorsPolicyService>(cors);

        services.AddIdentityServer()
                .AddDeveloperSigningCredential()
                .AddInMemoryApiResources(Config.GetApiResources())
                .AddInMemoryClients(Config.GetClients());
    }

这是我的 Angular 配置:

export const oAuthDevelopmentConfig: AuthConfig = {

    clientId: "client",
    scope: "api1",
    oidc: false,
    issuer: "http://localhost:5000",
    requireHttps: false
}

我这样使用配置:

...
    signin(): void {
        this.oAuthService
            .fetchTokenUsingPasswordFlowAndLoadUserProfile(this.model.username, this.model.password)
            .then(() => {
                this.authenticationService.init();
...

当我尝试访问服务器时收到以下错误，但我无法理解问题出在哪里:

info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
      Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
info: IdentityServer4.Validation.NotSupportedResourceOwnerPasswordValidator[0]
      Resource owner password credential type not supported. Configure an IResourceOwnerPasswordValidator.
fail: IdentityServer4.Validation.TokenRequestValidator[0]
      Resource owner password credential grant type not supported
fail: IdentityServer4.Validation.TokenRequestValidator[0]
      {
        "ClientId": "client",
        "GrantType": "password",
        "Scopes": "api1",
        "UserName": "admin@gmail.com",
        "Raw": {
          "grant_type": "password",
          "client_id": "client",
          "scope": "api1",
          "username": "admin@gmail.com",
          "password": "***REDACTED***"
        }
      }

我错过了什么？

Answer 1

这是一个老问题，但我今天对同一个问题进行了一些探讨。 我发现了这个方法:AddResourceOwnerValidator。提出此问题时，此方法可能不存在。

这是我的 AddIdentityServer 配置。

        services.AddIdentityServer(opt => opt.IssuerUri = issuerUri)
            .AddDeveloperSigningCredential()
            .AddInMemoryApiResources(IdServer.Configuration.GetApiResources())
            .AddInMemoryClients(IdServer.Configuration.GetClients())
            .AddProfileService<ProfileService>()
            .AddResourceOwnerValidator<ResourceOwnerPasswordValidator>()
            ;

原题的时候，答案大概是这样的，如题目IdentityServer4 register UserService and get users from database in asp.net core所示

//Inject the classes we just created
services.AddTransient<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
services.AddTransient<IProfileService, ProfileService>();