身份服务器身份令牌始终为null

时间:2020-08-18 11:11:47

标签: asp.net-core .net-core asp.net-identity identityserver4

我正在将身份服务器与.net核心应用程序配合使用。

当前场景:从Facebook获取令牌,使用Facebook API验证用户身份。然后在我们的数据库中创建一个用户。

一切正常,除了返回的令牌始终具有空的identity_token。

我尝试将id_token token添加到范围中,但也无法正常工作。

登录API 

[HttpPost("SocialLogin")]
public async Task<IActionResult> SocialMediaLogin()
{
    try
    {

        var protocol = _httpContextAccessor.HttpContext.Request.Scheme;
        var host = _httpContextAccessor.HttpContext.Request.Host.Value;
        var baseUrl = $"{protocol}://{host}/";

        #region Validating Headers and Parameters

        StringValues jwtToken = Request.Headers["token"];
        if (!jwtToken.Any())
        {
            return BadRequest("Each user should have a token");
        }

        var secretKey = _configuration["SecretKey"].ToString();
        var (status, paylod) = GeneralUtilities.CheckSocialMediaTokenHeaderAndValues(jwtToken, secretKey);
        if (status != ResponseStatus.Success)
        {
            return BadRequest("User Id or token are wrong");
        }

        #endregion

        var clientId = _configuration["Clients:Mobile:Id"].ToString();
        var secret = _configuration["Clients:Mobile:Secret"].ToString();
        var consumerKey = _configuration["ConsumerKey"].ToString();
        var consumerKeySecret = _configuration["ConsumerKeySecret"].ToString();

        var disco = await DiscoveryClient.GetAsync(baseUrl);
        if (disco.IsError) throw new Exception(disco.Error);

        var tokenClient = new TokenClient(disco.TokenEndpoint, clientId, secret);
        var payload = new
        {
            provider = paylod.Provider,
            external_token = paylod.Token,
            email = paylod.Email,
            profilePicture = paylod.ProfilePictureUrl,
            twitter_secret = paylod.TwitterSecret,
            consumerKeySecret,
            consumerKey,
            displayName = paylod.DisplayName
        };

        //If user exist, we should update the profile Url of the user
        var user = await _userManager.FindByEmailAsync(payload.email);
        if (user != null)
        {
            user.ProfilePictureUrl = payload.profilePicture;
            await _userManager.UpdateAsync(user);
        }

        var result = await tokenClient.RequestCustomGrantAsync(grantType: "external", scope: "my-api offline_access", extra: payload);
        if (result.IsError) return new JsonResult(result.Json);

        if (!string.IsNullOrWhiteSpace(result.AccessToken))
        {
            return Ok(result);
        }
        return new JsonResult(null);
    }
    catch (Exception)
    {
        return BadRequest();
    }
}

至于Startup.cs,这是我为身份所做的事情:

services.AddIdentity<AppUser, IdentityRole>()
    .AddEntityFrameworkStores<ApplicationDbContext>()
    .AddDefaultTokenProviders();

services.AddIdentityServer()
    .AddOperationalStore(options =>
        options.ConfigureDbContext = builder =>
            builder.UseSqlServer(connectionString, sqloptions => sqloptions.MigrationsAssembly(migrationsAssembly)))
    .AddConfigurationStore(options =>
        options.ConfigureDbContext = builder =>
            builder.UseSqlServer(connectionString, sqloptions => sqloptions.MigrationsAssembly(migrationsAssembly)))
    .AddAspNetIdentity<AppUser>()
    .AddDeveloperSigningCredential();

// Configure Identity
services.Configure<IdentityOptions>(options =>
{
    // Password settings
    options.Password.RequireDigit = true;
    options.Password.RequireNonAlphanumeric = false;
    options.Password.RequireUppercase = false;
    options.Password.RequireLowercase = false;
});

identity_token或access_token在哪里构建?

0 个答案:

没有答案
相关问题
最新问题