我想在Identity Server版本3中提供用户定义的自定义授权类型。
参考文献:https://identityserver.github.io/Documentation/docsv2/advanced/customGrantTypes.html
我的客户端(内存中)代码是
new Client
{
ClientName = "ABC Service",
ClientId = "ABC_SERVICE",
ClientSecrets = new List<Secret>
{
new Secret("secret".Sha256()),
},
Enabled = true,
Flow = Flows.Custom,
AllowedCustomGrantTypes = new List<string>
{
"abc_service"
},
AllowedScopes = new List<string>
{
"read",
"write",
},
}
我的客户端代码是
var client = new TokenClient(
"https://localhost:2025/core/connect/token",
"ABC_SERVICE",
"secret");
var customParams = new Dictionary<string, string>
{
{ "some_custom_parameter", "some_value" }
};
var result = client.RequestCustomGrantAsync("abc_service", "read", customParams).Result;
它给出了错误的完整输出
{
"error": "unsupported_grant_type"
}
如果我将AllowedCustomGrantTypes
从"abc_service"
更改为"custom"
,它可以正常工作并调用客户端代码。
AllowedCustomGrantTypes = new List<string>
{
"custom"
}
客户代码:
var result = client.RequestCustomGrantAsync("custom", "read", customParams).Result;
请帮助我如何指定用户定义的自定义授权类型。
我们需要在Custom Grant Validator服务中指定用户定义的自定义授权类型
class CustomGrantValidator : ICustomGrantValidator {
private IUserService _users;
public CustomGrantValidator(IUserService users) {
_users = users;
}
Task<CustomGrantValidationResult> ICustomGrantValidator.ValidateAsync(ValidatedTokenRequest request) {
var param = request.Raw.Get("some_custom_parameter");
if (string.IsNullOrWhiteSpace(param)) {
return Task.FromResult<CustomGrantValidationResult>(
new CustomGrantValidationResult("Missing parameters."));
}
return Task.FromResult(new CustomGrantValidationResult("abc","customGrant"));
}
public string GrantType {
get { return "user-defined-value"; }
}
}
在上面的类中包含一个属性“GrantType”,我们需要在那里指定我们的用户定义值,然后它的工作正常。
public string GrantType {
get { return "user-defined-value"; }
}
在我的情况下,价值将是
public string GrantType {
get { return "abc_service"; }
}