我在同一个项目中有Asp.net MVC Web应用程序和webapi。我正在使用资源所有者凭据流进行身份管理。是否可以在相同的startup.cs(webapplication.startup.cs)中配置webapi,客户端和身份服务器。尝试在同一startup.cs中配置webapi和身份服务器时,我遇到以下错误“ IdentityServer3.AccessTokenValidation.dll中发生类型'System.InvalidOperationException'的异常,但未在用户代码中处理”
其他信息:IDX10803:无法创建以从以下位置获取配置:“ https://localhost:44303/.well-known/openid-configuration”。
这是我的startup.cs的代码:
using IdentityServer3.AccessTokenValidation;
using IdentityServer3.Core.Configuration;
using IdentityServer3.Core.Services;
using IdentityServer3.Core.Services.Default;
using MarilynIdentityServer.IdentityServer;
using Microsoft.Owin;
using Owin;
using System;
//using System.IdentityModel.Claims;
using System.Security.Claims;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using System.Web.Http;
using System.Linq;
[assembly: OwinStartupAttribute(typeof(MarilynIdentityServer.Startup))]
namespace MarilynIdentityServer
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
var factory = new IdentityServerServiceFactory()
.UseInMemoryClients(Clients.Get())
.UseInMemoryScopes(Scopes.Get());
var userService = new UserLoginService();
factory.UserService = new Registration<IUserService>(resolver => userService);
factory.CorsPolicyService = new Registration<ICorsPolicyService>(new DefaultCorsPolicyService { AllowAll = true });
var option = new IdentityServerOptions
{
SiteName = "Embedded IdentityServer",
SigningCertificate = LoadCertificate(),
Factory = factory,
//AuthenticationOptions = new AuthenticationOptions
//{
// //EnableLocalLogin = false,
// IdentityProviders = ConfigureIdentityProviders
//},
};
app.UseIdentityServer(option);
app.Map("/api", idsrvApi =>
{
// token validation
idsrvApi.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44303/",
RequiredScopes = new[] { "sampleApi" }
});
// add app local claims per request
idsrvApi.UseClaimsTransformation(incoming =>
{
// either add claims to incoming, or create new principal
var appPrincipal = new ClaimsPrincipal(incoming);
incoming.Identities.First().AddClaim(new Claim("appSpecific", "some_value"));
return Task.FromResult(appPrincipal);
});
// web api configuration
var config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
idsrvApi.UseWebApi(config);
});
}
X509Certificate2 LoadCertificate()
{
return new X509Certificate2(
string.Format(@"{0}bin\identityServer\idsrv3test.pfx", AppDomain.CurrentDomain.BaseDirectory), "idsrv3test");
}
}
}
结束语是否可以在同一应用程序中配置WebApi,Web应用程序和Identity Server?
任何帮助,将不胜感激。
问候
阿米特
最佳答案
绝对有可能,但是由于找不到本地Identity Server,我遇到了类似的问题。
通常,解决该问题的方法是修改管道以在其自己的app.Map
块中而不是根目录中包含Identity Server。这似乎使其可以被身份验证中间件发现。
如果尝试这样做,请不要忘记更新身份验证中间件中的权限。
关于asp.net-web-api - IdentityServer3和Web API在同一过程中,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/33340461/