在单独的项目中具有IdentityServer4和Blazor客户端的Identity用户数据库API。我可以通过邮递员注册一个新用户。在Blazor客户端中运行以下代码时(用于修补和学习)
@page "/registrer"
@using Models
@using System.Net.Http
@using IdentityModel.Client
@inject HttpClient Http
<EditForm Model="@registerUserModel" OnValidSubmit="@HandleValidSubmit">
<DataAnnotationsValidator />
<ValidationSummary />
<InputText id="email" type="email" @bind-Value="@registerUserModel.Email" />
<InputText id="password" type="password" @bind-Value="@registerUserModel.Password" />
<InputText id="confirmPassword" type="password" @bind-Value="@registerUserModel.ConfirmPassword" />
<button type="submit">Registrer deg</button>
</EditForm>
@code {
private RegisterUserModel registerUserModel = new RegisterUserModel();
public async Task HandleValidSubmit()
{
var newUser = new RegisterUserModel
{
Email = registerUserModel.Email,
Password = registerUserModel.Password,
ConfirmPassword = registerUserModel.ConfirmPassword
};
var client = new HttpClient();
var response = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
{
Address = "https://localhost:5001/connect/token",
ClientId = "client",
ClientSecret = "511536EF-F270-4058-80CA-1C89C192F69A",
Scope = "api1"
});
Http.SetBearerToken(response.AccessToken);
await Http.PostJsonAsync("https://localhost:5001/register", newUser);
}
}
我能够获取访问令牌并验证Blazor客户端,但随后出现此错误
dbug:IdentityServer4.Hosting.CorsPolicyProvider [0]针对来源:http://localhost:60013的路径:/注册提出了CORS请求,但由于路径不是针对允许的IdentityServer CORS端点
为什么?当它在邮递员中工作并且没有CORS政策时。试图允许客户使用AllowedCorsOrigins
,只是为了检查。
编辑:HttpClient
的两个实例只是“修补”,我知道(?)注入的客户端具有某种默认值,但是当在@code
中使用新的默认值时,错误保持不变
ID4配置按要求
new Client { ClientId = "client", ClientName = "Client Credentials Client", AllowedGrantTypes = GrantTypes.ClientCredentials, ClientSecrets = { new Secret("511536EF-F270-4058-80CA-1C89C192F69A".Sha256()) }, AllowedScopes = { "api1" }, // AllowedCorsOrigins = { "http://localhost:60013" }, },
ID4启动
var builder = services.AddIdentityServer(options =>
{
options.Events.RaiseErrorEvents = true;
options.Events.RaiseInformationEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseSuccessEvents = true;
})
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddInMemoryApiResources(Config.GetApis())
.AddInMemoryClients(Config.GetClients())
.AddAspNetIdentity<User>();
builder.AddDeveloperSigningCredential();
在单独的项目中具有IdentityServer4和Blazor客户端的Identity用户数据库API。我可以通过邮递员注册一个新用户。在Blazor客户端中运行以下代码时(for ...