我有这样的配置
public class Config
{
public static IEnumerable<Client> GetClients(string[] originUris, string[] redirectUris, int tokenLifetime, int slientRefreshToken)
{
return new List<Client>
{
new Client
{
ClientId = "eFMS",
ClientName = "eFMS Services",
AccessTokenLifetime = tokenLifetime,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
RequireClientSecret = false,
RequireConsent = false,
AlwaysSendClientClaims = true,
AllowAccessTokensViaBrowser = true,
AccessTokenType = AccessTokenType.Jwt,
AllowOfflineAccess = true,
UpdateAccessTokenClaimsOnRefresh = true,
RefreshTokenExpiration = TokenExpiration.Sliding,
SlidingRefreshTokenLifetime = slientRefreshToken,
RedirectUris = redirectUris,
AllowedCorsOrigins= originUris,
AlwaysIncludeUserClaimsInIdToken = true,
AllowedScopes =
{
"openid", "profile", "offline_access", "efms_scope"
},
}
};
}
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("efms_api", "eFMS D&T API")
{
ApiSecrets = { new Secret("secret".Sha256()) }
}
};
}
public static IEnumerable<IdentityResource> GetIdentityResources()
{
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Profile() { Required = true },
new IdentityResource()
{
Name = "efms_scope",
Description = "eFMS D&T API",
DisplayName = "eFMS D&T API",
UserClaims =
{
"userId","workplaceId","userName","email"
}
}
};
}
}
并且当我在邮递员中使用用户名:admin进行测试时,通过:123456返回令牌enter image description here
但是如果我对密码进行哈希处理,则结果为“ invalid_grant”;当我调试代码时,请勿执行任务ValidateAsync(ResourceOwnerPasswordValidationContext上下文)函数。请帮助我解决此问题
AddTestUser
,则将在IdentityServer4.Test.TestUserResourceOwnerPasswordValidator
中实现ResourceOwnerPassword授予密码验证,并在TestUserStore.ValidateCredentials
中以纯文本形式对密码进行比较(无哈希