我在同一个项目中有Asp.net MVC Web应用程序和webapi。我正在使用资源所有者凭据流进行身份管理。是否可以在相同的startup.cs(webapplication.startup.cs)中配置webapi,客户端和身份服务器。尝试在同一startup.cs中配置webapi和身份服务器时,我遇到以下错误“ IdentityServer3.AccessTokenValidation.dll中发生类型'System.InvalidOperationException'的异常,但未在用户代码中处理”
其他信息:IDX10803:无法创建以从以下位置获取配置:“ https://localhost:44303/.well-known/openid-configuration”。

这是我的startup.cs的代码:

using IdentityServer3.AccessTokenValidation;
using IdentityServer3.Core.Configuration;
using IdentityServer3.Core.Services;
using IdentityServer3.Core.Services.Default;
using MarilynIdentityServer.IdentityServer;
using Microsoft.Owin;
using Owin;
using System;
//using System.IdentityModel.Claims;
using System.Security.Claims;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using System.Web.Http;
using System.Linq;

[assembly: OwinStartupAttribute(typeof(MarilynIdentityServer.Startup))]
namespace MarilynIdentityServer
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {

            var factory = new IdentityServerServiceFactory()
                    .UseInMemoryClients(Clients.Get())
                    .UseInMemoryScopes(Scopes.Get());

            var userService = new UserLoginService();

            factory.UserService = new Registration<IUserService>(resolver => userService);
            factory.CorsPolicyService = new Registration<ICorsPolicyService>(new DefaultCorsPolicyService { AllowAll = true });

            var option = new IdentityServerOptions
            {


                SiteName = "Embedded IdentityServer",
                SigningCertificate = LoadCertificate(),

                Factory = factory,

                //AuthenticationOptions = new AuthenticationOptions
                //{
                //    //EnableLocalLogin = false,
                //    IdentityProviders = ConfigureIdentityProviders
                //},


            };
            app.UseIdentityServer(option);


            app.Map("/api", idsrvApi =>
            {
                // token validation
                idsrvApi.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
                {
                    Authority = "https://localhost:44303/",
                    RequiredScopes = new[] { "sampleApi" }
                });

                // add app local claims per request
                idsrvApi.UseClaimsTransformation(incoming =>
                {
                    // either add claims to incoming, or create new principal
                    var appPrincipal = new ClaimsPrincipal(incoming);
                    incoming.Identities.First().AddClaim(new Claim("appSpecific", "some_value"));

                    return Task.FromResult(appPrincipal);
                });

                // web api configuration
                var config = new HttpConfiguration();
                config.MapHttpAttributeRoutes();

                idsrvApi.UseWebApi(config);
            });
        }

        X509Certificate2 LoadCertificate()
        {

            return new X509Certificate2(
                string.Format(@"{0}bin\identityServer\idsrv3test.pfx", AppDomain.CurrentDomain.BaseDirectory), "idsrv3test");


        }
    }
}


结束语是否可以在同一应用程序中配置WebApi,Web应用程序和Identity Server?

任何帮助,将不胜感激。

问候
阿米特

最佳答案

绝对有可能,但是由于找不到本地Identity Server,我遇到了类似的问题。

通常,解决该问题的方法是修改管道以在其自己的app.Map块中而不是根目录中包含Identity Server。这似乎使其可以被身份验证中间件发现。

如果尝试这样做,请不要忘记更新身份验证中间件中的权限。

关于asp.net-web-api - IdentityServer3和Web API在同一过程中,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/33340461/

10-11 06:00