问题描述
我试图在 angular 应用程序中使用带有 oppeniddict 的 oidc-client,但是 .well-kNown/openid-configuration 出现错误。
错误说:
GET http://localhost:2987/.well-kNown/openid-configuration 400 (Bad Request)
我在 dot-net core 5 应用程序中有 openiddict 实现。
然后我获取 URL http://localhost:2987/.well-kNown/openid-configuration 并在浏览器中浏览它,我收到错误:
{
"error": "invalid_request","error_description": "This server only accepts HTTPS requests.","error_uri": "https://documentation.openiddict.com/errors/ID2083"
}
我还从网络服务器设置中禁用了 SSL,如图所示:
我的启动 ConfigureServices 如下所示:
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApplicationDbContext>(options =>
{
options.UsesqlServer(Configuration["ConnectionString"],sqlServerOptionsAction: sqlOptions =>
{
sqlOptions.MigrationsAssembly(typeof(Startup).GetTypeInfo().Assembly.GetName().Name);
});
options.USEOpenIddict();
});
services.AddIdentity<ApplicationUser,IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.Configure<IdentityOptions>(options =>
{
options.ClaimsIdentity.UserNameClaimType = Claims.Name;
options.ClaimsIdentity.UserIdClaimType = Claims.Subject;
options.ClaimsIdentity.RoleClaimType = Claims.Role;
});
services.AddOpenIddict()
.AddCore(options =>
{
options.UseEntityFrameworkCore()
.UseDbContext<ApplicationDbContext>();
}).AddServer(options =>
{
options.SetAuthorizationEndpointUris("/connect/authorize")
.SetlogoutEndpointUris("/connect/logout")
.SetIntrospectionEndpointUris("/connect/introspect")
.SetUserinfoEndpointUris("/connect/userinfo");
options.RegisterScopes(Scopes.Email,Scopes.Profile,Scopes.Roles);
options.AllowImplicitFlow();
options.AddEncryptionKey(new SymmetricSecurityKey(
Convert.FromBase64String("DRjd/GnduI3Efzen9V9BvbNUfc/VKgXltV7Kbk9sMkY=")));
options.AddDevelopmentSigningCertificate();
options.UseAspNetCore()
.EnableAuthorizationEndpointPassthrough()
.EnablelogoutEndpointPassthrough()
.EnableuserinfoEndpointPassthrough()
.EnableStatusCodePagesIntegration();
}).AddValidation(options =>
{
// Import the configuration from the local OpenIddict server instance.
options.UseLocalServer();
// Register the ASP.NET Core host.
options.UseAspNetCore();
});
services.AddCors(options => options.AddPolicy("ApiCorsPolicy",builder =>
{
builder.WithOrigins("http://localhost:4200").AllowAnyMethod().AllowAnyHeader();
}));
services.AddControllersWithViews();
}
配置:
public void Configure(IApplicationBuilder app,IWebHostEnvironment env)
{
app.UseStatusCodePagesWithReExecute("/error");
app.UseRouting();
app.UseCors("ApiCorsPolicy");
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(options =>
{
options.MapControllers();
options.MapDefaultControllerRoute();
});
}
我觉得我错过了一些非常容易做到的事情。但是找不到真正的原因。 StackOverflow 中没有任何问题。
是 Openiddict 的错误还是 dot net core 5 本身的错误?任何指南或解决方法将不胜感激挖掘此问题。
解决方法
我最近也遇到了这个问题。 默认情况下启用 Openiddict SSL。 如果您想禁用 ssl 检查。
您可以通过以下代码禁用它
options.UseAspNetCore().DisableTransportSecurityRequirement();