总是从Identity Server获取“ invalid_client”

问题描述 投票:0回答:1

一切似乎都很正常,但无法正常工作,它返回“ Invalid_Client”-(400-错误的请求)。双方都这么简单;

身份服务器代码:

                new Client
                {
                    ClientId = "js",
                    ClientSecrets = {
                        new Secret("secret".Sha256())
                    },
                    AllowedGrantTypes = GrantTypes.ClientCredentials,
                    RequireClientSecret = false,
                    AllowedScopes =
                    {
                        "api1"
                    }
                }

Javascript客户端代码:

axios.post('http://localhost:5000/connect/token',request, {
        headers: {
             'client_id' : 'js',
             'client_secret' : 'secret',
             'grant_type': 'client_credentials',
             'scope' : 'api1'

             }});
asp.net-core oauth-2.0 jwt identityserver4 access-token
1个回答
0
投票

参数应在请求正文而不是请求标头中传递,您可以将客户端脚本修改为:

const params = new URLSearchParams();
params.append('client_id', 'js');
params.append('client_secret', 'secret');
params.append('grant_type', 'client_credentials');
params.append('scope', 'api1');

axios.post('http://localhost:5000/connect/token', params, {
    headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
    }
}).then(function (response) {
    console.log(response.data);

});

并且还配置CORS是在客户端配置上使用AllowedCorsOrigins集合:

new Client
{
    ClientId = "js",
    ClientSecrets = {
        new Secret("secret".Sha256())
    },
    AllowedCorsOrigins= new List<string>() { "http://localhost:5002" },
    AllowedGrantTypes = GrantTypes.ClientCredentials,
    RequireClientSecret = false,
    AllowedScopes =
    {
        "api1"
    }
},
© www.soinside.com 2019 - 2024. All rights reserved.