我在我的 Angular 5
应用程序中使用 Identity Server 4
。
我是这样配置 Identity Server 的:
public static IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientId = "client",
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowAccessTokensViaBrowser = true,
RequireClientSecret = false,
AllowedScopes = {
"api1"
},
AllowedCorsOrigins = new List<string>
{
"http://localhost:4200"
}
}
};
}
public void ConfigureServices(IServiceCollection services)
{
var cors = new DefaultCorsPolicyService(_loggerFactory.CreateLogger<DefaultCorsPolicyService>())
{
AllowedOrigins = { "http://localhost:4200" }
};
services.AddSingleton<ICorsPolicyService>(cors);
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients());
}
这是我的 Angular 配置:
export const oAuthDevelopmentConfig: AuthConfig = {
clientId: "client",
scope: "api1",
oidc: false,
issuer: "http://localhost:5000",
requireHttps: false
}
我这样使用配置:
...
signin(): void {
this.oAuthService
.fetchTokenUsingPasswordFlowAndLoadUserProfile(this.model.username, this.model.password)
.then(() => {
this.authenticationService.init();
...
当我尝试访问服务器时收到以下错误,但我无法理解问题出在哪里:
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
info: IdentityServer4.Validation.NotSupportedResourceOwnerPasswordValidator[0]
Resource owner password credential type not supported. Configure an IResourceOwnerPasswordValidator.
fail: IdentityServer4.Validation.TokenRequestValidator[0]
Resource owner password credential grant type not supported
fail: IdentityServer4.Validation.TokenRequestValidator[0]
{
"ClientId": "client",
"GrantType": "password",
"Scopes": "api1",
"UserName": "admin@gmail.com",
"Raw": {
"grant_type": "password",
"client_id": "client",
"scope": "api1",
"username": "admin@gmail.com",
"password": "***REDACTED***"
}
}
我错过了什么?
最佳答案
这是一个老问题,但我今天对同一个问题进行了一些探讨。 我发现了这个方法:AddResourceOwnerValidator。提出此问题时,此方法可能不存在。
这是我的 AddIdentityServer 配置。
services.AddIdentityServer(opt => opt.IssuerUri = issuerUri)
.AddDeveloperSigningCredential()
.AddInMemoryApiResources(IdServer.Configuration.GetApiResources())
.AddInMemoryClients(IdServer.Configuration.GetClients())
.AddProfileService<ProfileService>()
.AddResourceOwnerValidator<ResourceOwnerPasswordValidator>()
;
原题的时候,答案大概是这样的,如题目IdentityServer4 register UserService and get users from database in asp.net core所示
//Inject the classes we just created
services.AddTransient<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
services.AddTransient<IProfileService, ProfileService>();
关于c# - 不支持资源所有者密码凭据授予类型,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48036374/