【发布时间】:2019-12-18 10:04:48
【问题描述】:
我的应用要求是使用客户端凭据和另一个代码(哈希)进行身份验证。
我按照这个link 创建和使用自定义IExtensionGrantValidator。
我设法通过批准的授权调用自定义 IExtensionGrantValidator,但客户端总是收到 invalid_grant 错误。
由于某种原因,Result(ExtensionGrantValidationContext 的属性)的设置操作总是失败(覆盖 Error 值会将覆盖的值返回给客户端)。
这是CustomGrantValidator代码:
public class CustomGrantValidator : IExtensionGrantValidator
{
public string GrantType => "grant-name";
public Task ValidateAsync(ExtensionGrantValidationContext context)
{
var hash = context.Request.Raw["hash"]; //extract hash from request
var result = string.IsNullOrEmpty(hash) ?
new GrantValidationResult(TokenRequestErrors.InvalidRequest) :
new GrantValidationResult(hash, GrantType);
context.Result = result
}
}
Startup.cs 包含这一行:
services.AddTransient<IExtensionGrantValidator, CustomGrantValidator>();
最后是客户的代码:
var httpClient = new HttpClient() { BaseAddress = new Uri("http://localhost:5000") };
var disco = await httpClient.GetDiscoveryDocumentAsync("http://localhost:5000");
var cReq = await httpClient.RequestTokenAsync(new TokenRequest
{
GrantType = "grant-name",
Address = disco.TokenEndpoint,
ClientId = clientId,// client Id taken from appsetting.json
ClientSecret = clientSecret, //client secret taken from appsetting.json
Parameters = new Dictionary<string, string> { { "hash", hash } }
});
if (cReq.IsError)
//always getting 'invalid_grant' error
throw InvalidOperationException($"{cReq.Error}: {cReq.ErrorDescription}");
【问题讨论】:
标签: asp.net-core identityserver4