c# - .net core 3 preview 8 升级后 React SPA/Embedded Identity Server 问题

Question

我们有一个 React SPA，它最初是使用 SPA 模板创建的，并在 .NET Core 3 预览版 7 上运行。React SPA“客户端”配置为隐式流并成功使用 oidc-client。一切正常。

这是我的 startup.cs 中的客户端配置:

        var mySPAClient = new IdentityServer4.Models.Client()
        {
            AccessTokenLifetime = accessTokenLifetime,
            RedirectUris =
                {
                    $"{host}/authentication/login-callback",
                    $"{host}/silent-refresh.html"
                },
            PostLogoutRedirectUris =
                {
                    $"{host}/authentication/logout-callback"
                },
            ClientId = "projectName.web",
            AllowedScopes =
                {
                    "projectName.webAPI",
                    "openid",
                    "profile"
                },
            ClientName = "projectName.web",
            RequireConsent = false,
            AllowedGrantTypes =
                {
                    IdentityModel.OidcConstants.GrantTypes.Implicit
                },
            AllowAccessTokensViaBrowser = true,
        };

但是现在，当我为任何预览 7 的程序集升级到预览 8 时，我在日志中收到以下错误

[10:55:34 Error] Invalid grant type for client: "authorization_code" AuthorizeRequestValidationLog { ClientId: "projectName.web", ClientName: "projectName.web", RedirectUri: "https://localhost:44343/authentication/login-callback", AllowedRedirectUris: ["https://localhost:44343/authentication/login-callback", "https://localhost:44343/silent-refresh.html"], SubjectId: "anonymous", ResponseType: "code", ResponseMode: "query", GrantType: "authorization_code", RequestedScopes: "", State: "a1e84334a8c94b7db599ddb9336447c8", UiLocales: null, Nonce: null, AuthenticationContextReferenceClasses: null, DisplayMode: null, PromptMode: null, MaxAge: null, LoginHint: null, SessionId: null, Raw: [("client_id": "projectName.web"), ("redirect_uri": "https://localhost:44343/authentication/login-callback"), ("response_type": "code"), ("scope": "projectName.webAPI openid profile"), ("state": "a1e84334a8c94b7db599ddb9336447c8"), ("code_challenge": "E8p1sg1Y0TdbhxccGB-_fbx7D6GnJXfCpcYu1IHZC_k"), ("code_challenge_method": "S256"), ("prompt": "none")] } (IdentityServer4.Validation.AuthorizeRequestValidator) [10:55:34 Error] Request validation failed (IdentityServer4.Endpoints.AuthorizeEndpoint)

我不知道为什么它现在指的是 authorization_code 而出现这个错误？

欢迎任何帮助

Answer 1

将 response_type 更改为 "token" 而不是 "code" 你应该没问题

更新:

确保您提供正确的authority, client_id, response_type, scope 设置