IdentityServer4.Stores.ValidatingClientStore Неверная конфигурация клиента для ... клиента не указан разрешенный тип предоставления - PullRequest
/ 24 марта 2020

Привет, я получаю сообщение об ошибке ...

"IdentityServer4.Stores.ValidatingClientStore Неправильная конфигурация клиента для ... клиента не указан тип разрешенного предоставления"

при использовании контекста базы данных SQL, первоначально заполненного (seed) статическими данными.

Если я использую те же статические данные через AddInMemoryClients, ошибок не возникает, и все работает нормально.

Определение клиента ...

        // Registration of the "GameMvc" web client. Per the question, this same
        // definition is used both for AddInMemoryClients and to seed the SQL store.
        new Client
        {
            ClientId = "GameMvc",
            ClientName = "MGame web client",
            // Sha256() hashes the value before it is stored on the client, but the
            // plaintext secret is still a literal in source.
            // NOTE(review): load the secret from configuration or a secret store, and
            // rotate any value that has been committed or published.
            ClientSecrets =  { new Secret("058dddb593be4e149c19e23fd336e2ed".Sha256()) },
            // Consent decisions are not remembered for this client.
            AllowRememberConsent = false,
            // Lets the client request refresh tokens (offline_access).
            AllowOfflineAccess = true,
            // Access token claims are refreshed when a refresh token is redeemed.
            UpdateAccessTokenClaimsOnRefresh = true,
            // Access token lifetime in seconds (3 minutes).
            AccessTokenLifetime = 180,
            // Hybrid flow; matches the "code id_token" response type in the logged requests.
            // This is the value the log reports as missing ("no allowed grant type
            // specified") when the client is read from the database.
            // NOTE(review): consider whether authorization code with PKCE (RequirePkce)
            // fits this client instead of hybrid — confirm against the MVC client setup.
            AllowedGrantTypes = GrantTypes.Hybrid,
            // Registered sign-in / sign-out callback URIs (localhost development hosts).
            RedirectUris = { "https://localhost:44330/signin-oidc" },
            PostLogoutRedirectUris = { "https://localhost:44330/signout-callback-oidc" },
            // Scopes this client may request.
            // NOTE(review): the authorize requests logged on this page also ask for
            // "experience", "subscription_level" and "GameApi", which are not listed
            // here — confirm the posted definition matches the one actually deployed.
            AllowedScopes =
            {
                "openid",
                "profile",
                "email",
                "address",
                "offline_access",
                "role",
            }
        }

Вывод отладочной информации сервера идентификации

fail: IdentityServer4.Stores.ValidatingClientStore[0]
      Invalid client configuration for client GameMvc: no allowed grant type specified
info: IdentityServer4.Events.DefaultEventService[0]
      {
        "Name": "Invalid Client Configuration",
        "Category": "Error",
        "EventType": "Error",
        "Id": 3001,
        "ClientId": "GameMvc",
        "ClientName": "MGame web client",
        "Message": "no allowed grant type specified",
        "ActivityId": "0HLUGMDSRD0QH:00000007",
        "TimeStamp": "2020-03-25T11:56:22Z",
        "ProcessId": 22768,
        "LocalIpAddress": "::1:44320",
        "RemoteIpAddress": "::1"
      }
fail: IdentityServer4.Validation.AuthorizeRequestValidator[0]
      Unknown client or not enabled: GameMvc
{
        "SubjectId": "anonymous",
        "RequestedScopes": "",
        "Raw": {
          "client_id": "GameMvc",
          "redirect_uri": "https://localhost:44330/signin-oidc",
          "response_type": "code id_token",
          "scope": "openid profile email offline_access role experience subscription_level GameApi",
          "response_mode": "form_post",
          "nonce": "637207341781609343.NzJmYjQ1ZjgtNDI1Yy00ZWY4LWE2YTItOTE0MWUwNTYwNDIwNzQ0NWJjOWEtN2FhNS00M2NlLTlhMmMtMTlkODBhMTliYjdm",
          "state": "CfDJ8H3n8sVeRBlPopiMUAsqux6eF3ZksNANFCae20YtpBRAXjP-7HUxq1--kcY8uMuiT1moapzqik0ifGaLVmBiQw2QcRcNLlJCpN50yy2uHy52-ydsbCEGigE81skOlEalX2fMbjOuVRSC5jT4FaE2DFM-wPj8ndbf_VGYQ-FG5avBp9vsSKMW_CdUaUtrbs4nsEmAn1NTZoXIPTXnzBcCKOPwSpCOalpK1i4SbpKFbvN3PAKCNw1zPi-lFM5_W3icVvD_gazWnP3X1jxp_3XzCSoKIf3bKSL6TKuix28SPJZ_-KnKJtWOAUkkTFu20Qr0DQ",
          "x-client-SKU": "ID_NETSTANDARD2_0",
          "x-client-ver": "5.5.0.0"
        }
      }
fail: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
      Request validation failed
info: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
      {
        "SubjectId": "anonymous",
        "RequestedScopes": "",
        "Raw": {
          "client_id": "GameMvc",
          "redirect_uri": "https://localhost:44330/signin-oidc",
          "response_type": "code id_token",
          "scope": "openid profile email offline_access role experience subscription_level GameApi",
          "response_mode": "form_post",
          "nonce": "637207341781609343.NzJmYjQ1ZjgtNDI1Yy00ZWY4LWE2YTItOTE0MWUwNTYwNDIwNzQ0NWJjOWEtN2FhNS00M2NlLTlhMmMtMTlkODBhMTliYjdm",
          "state": "CfDJ8H3n8sVeRBlPopiMUAsqux6eF3ZksNANFCae20YtpBRAXjP-7HUxq1--kcY8uMuiT1moapzqik0ifGaLVmBiQw2QcRcNLlJCpN50yy2uHy52-ydsbCEGigE81skOlEalX2fMbjOuVRSC5jT4FaE2DFM-wPj8ndbf_VGYQ-FG5avBp9vsSKMW_CdUaUtrbs4nsEmAn1NTZoXIPTXnzBcCKOPwSpCOalpK1i4SbpKFbvN3PAKCNw1zPi-lFM5_W3icVvD_gazWnP3X1jxp_3XzCSoKIf3bKSL6TKuix28SPJZ_-KnKJtWOAUkkTFu20Qr0DQ",
          "x-client-SKU": "ID_NETSTANDARD2_0",
          "x-client-ver": "5.5.0.0"
        }
      }

Однако с тем же клиентом в памяти (сценарий с AddInMemoryClients) всё работает — см. отладочный вывод ниже.

dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
      Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
      ValidatedAuthorizeRequest
      {
        "ClientId": "GameMvc",
        "ClientName": "MGame web client",
        "RedirectUri": "https://localhost:44330/signin-oidc",
        "AllowedRedirectUris": [
          "https://localhost:44330/signin-oidc"
        ],
        "SubjectId": "anonymous",
        "ResponseType": "code id_token",
        "ResponseMode": "form_post",
        "GrantType": "hybrid",
        "RequestedScopes": "openid profile email offline_access role experience subscription_level GameApi",
        "State": "CfDJ8H3n8sVeRBlPopiMUAsqux7YiGRgIGQOeT0aF9aYMv-a40lLmjS_uEZw_jMeQAgkq7wFGq8mMMekKNm8U6uFL_kruFOX_gYjhJjzRZUKG1aHE0vpcJ0i0zYqd9aTh6elus8MxkP6NaGWszjf0wXSwVNboUdq_7NAvR_b4Pyt0sMkD5LTysTQ4VePtKi-FjDarp5xlRPvQUfiYpZfcyOGi7eqSlHuiVzD83uByMBhJ3cIA6h5n5zDzzotNpwxw_QLQk4A8zN06tgTHhUYTWV-5kxYiX3N84f__eyB3K_TCY94Kbm562BZX4TtfLzJHqJAdg",
        "Nonce": "637207668423193165.NjAzZDAwM2UtMjc0Yi00ZTNiLTgyOWYtN2JhYTI5ZTkxNDBlZGJiN2FiZGEtN2ZmYy00OGFkLWE5MGItMzAzNmY3OGM1MGIx",
        "SessionId": "",
        "Raw": {
          "client_id": "GameMvc",
          "redirect_uri": "https://localhost:44330/signin-oidc",
          "response_type": "code id_token",
          "scope": "openid profile email offline_access role experience subscription_level GameApi",
          "response_mode": "form_post",
          "nonce": "637207668423193165.NjAzZDAwM2UtMjc0Yi00ZTNiLTgyOWYtN2JhYTI5ZTkxNDBlZGJiN2FiZGEtN2ZmYy00OGFkLWE5MGItMzAzNmY3OGM1MGIx",
          "state": "CfDJ8H3n8sVeRBlPopiMUAsqux7YiGRgIGQOeT0aF9aYMv-a40lLmjS_uEZw_jMeQAgkq7wFGq8mMMekKNm8U6uFL_kruFOX_gYjhJjzRZUKG1aHE0vpcJ0i0zYqd9aTh6elus8MxkP6NaGWszjf0wXSwVNboUdq_7NAvR_b4Pyt0sMkD5LTysTQ4VePtKi-FjDarp5xlRPvQUfiYpZfcyOGi7eqSlHuiVzD83uByMBhJ3cIA6h5n5zDzzotNpwxw_QLQk4A8zN06tgTHhUYTWV-5kxYiX3N84f__eyB3K_TCY94Kbm562BZX4TtfLzJHqJAdg",
          "x-client-SKU": "ID_NETSTANDARD2_0",
          "x-client-ver": "5.5.0.0"
        }
      }

Я смог убедиться, что данные действительно сохранены в базе данных. [изображение]

Ниже — содержимое /.well-known/openid-configuration

/ https://localhost:44320/.well-known/openid-configuration

{
  "issuer": "https://localhost:44320",
  "jwks_uri": "https://localhost:44320/.well-known/openid-configuration/jwks",
  "authorization_endpoint": "https://localhost:44320/connect/authorize",
  "token_endpoint": "https://localhost:44320/connect/token",
  "userinfo_endpoint": "https://localhost:44320/connect/userinfo",
  "end_session_endpoint": "https://localhost:44320/connect/endsession",
  "check_session_iframe": "https://localhost:44320/connect/checksession",
  "revocation_endpoint": "https://localhost:44320/connect/revocation",
  "introspection_endpoint": "https://localhost:44320/connect/introspect",
  "device_authorization_endpoint": "https://localhost:44320/connect/deviceauthorization",
  "frontchannel_logout_supported": true,
  "frontchannel_logout_session_supported": true,
  "backchannel_logout_supported": true,
  "backchannel_logout_session_supported": true,
  "scopes_supported": [
    "subscription_level",
    "experience",
    "role",
    "address",
    "phone",
    "email",
    "profile",
    "openid",
    "GameApiFullAccess",
    "GameApiReadWrite",
    "GameApiReadOnly",
    "GameApi",
    "offline_access"
  ],
  "claims_supported": [
    "subscription_level",
    "experience",
    "role",
    "address",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "family_name",
    "given_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "profile",
    "picture",
    "website",
    "gender",
    "name",
    "birthdate",
    "locale",
    "updated_at",
    "zoneinfo",
    "sub"
  ],
  "grant_types_supported": [
    "authorization_code",
    "client_credentials",
    "refresh_token",
    "implicit",
    "password",
    "urn:ietf:params:oauth:grant-type:device_code"
  ],
  "response_types_supported": [
    "code",
    "token",
    "id_token",
    "id_token token",
    "code id_token",
    "code token",
    "code id_token token"
  ],
  "response_modes_supported": [
    "form_post",
    "query",
    "fragment"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "subject_types_supported": [
    "public"
  ],
  "code_challenge_methods_supported": [
    "plain",
    "S256"
  ],
  "request_parameter_supported": true
}

1 Ответ

/ 06 апреля 2020

Наконец я нашёл причину ошибки

Ошибка выдается, если ...

builder.UseQueryTrackingBehavior(QueryTrackingBehavior.NoTracking) задано для ConfigurationDbContext

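Так что для dbContext IdentityServer нужна опция QueryTrackingBehavior.TrackAll. Вероятно, без отслеживания изменений дочерние коллекции клиента (в том числе AllowedGrantTypes) не заполняются при чтении из базы, поэтому ValidatingClientStore видит клиента без типов предоставления и отклоняет его.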

BR
