openiddict GetOpenIdConnectRequest
У меня возникла проблема после обновления с OpenIddict-beta2 до текущей версии. В моём AuthorizationController вызов this.HttpContext.GetOpenIdConnectRequest()
всегда возвращает null.
Мой метод Configure() выглядит так:
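/// <summary>
/// Builds the HTTP request pipeline (logging providers, static files, Identity, JWT bearer
/// validation, Swagger, request logging, OpenIddict, MVC) and then seeds the user database.
/// </summary>
/// <param name="app">Application builder the middleware components are registered on.</param>
/// <param name="loggerFactory">Factory that receives the console, debug and Serilog providers.</param>
/// <param name="dbSeeder">Seeder whose <c>SeedAsync()</c> is waited on synchronously at the end.</param>
/// <exception cref="Exception">
/// Thrown when seeding fails; the message is the text of the original
/// <see cref="AggregateException"/>, which is also kept as the inner exception.
/// </exception>
public void Configure(IApplicationBuilder app, ILoggerFactory loggerFactory, DealerFrontendUserDALSeeder dbSeeder)
{
    // If I don't put this call here I get Error 500 when calling /connect/token
    // NOTE(review): middleware runs in registration order. With MVC registered here, ahead of
    // app.UseOpenIddict() below, the action mapped to ~/connect/token is presumably reached
    // before OpenIddict has processed the request, which would explain
    // GetOpenIdConnectRequest() returning null. The Error 500 seen without this call looks
    // like a separate problem; diagnose it, then remove this early registration.
    app.UseMvc();

    loggerFactory.AddConsole(this.Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();
    loggerFactory.AddSerilog();

    // Static Files and default file name
    var dfFilesOptions = new DefaultFilesOptions();
    dfFilesOptions.DefaultFileNames.Clear();
    dfFilesOptions.DefaultFileNames.Add("index.html");
    app.UseDefaultFiles(dfFilesOptions);
    app.UseStaticFiles(); // root Folder

    // Add a custom Jwt Provider to generate Tokens
    app.UseIdentity();

    // Add a middleware used to validate access
    // tokens and protect the API endpoints.
    app.UseJwtBearerAuthentication(new JwtBearerOptions
    {
        // Audience and Authority are both read from the same configuration key.
        Audience = this.Configuration.GetSection("Authentication:openIddict:Authority").Value,
        Authority = this.Configuration.GetSection("Authentication:openIddict:Authority").Value,
        AutomaticAuthenticate = true,
        AutomaticChallenge = true,

        // NOTE(review): false lets the authority's metadata (including its signing keys)
        // be retrieved over plain HTTP; restrict this to development environments.
        RequireHttpsMetadata = false,

        TokenValidationParameters = new TokenValidationParameters
        {
            // The signing key must match!
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = this.certKey,

            // Validate the JWT Audience (aud) claim
            // NOTE(review): this is false, so the aud claim is NOT checked and the Audience
            // configured above does not restrict which tokens are accepted. Enable it with
            // the expected audience so tokens meant for another resource are rejected.
            ValidateAudience = false,
            // ValidAudience = "",

            // Validate the token expiry
            ValidateLifetime = true,

            // If you want to allow a certain amount of clock drift, set that here:
            // (zero means no tolerance between issuer and validator clocks)
            ClockSkew = TimeSpan.Zero
        }
    });

    // Swagger
    app.UseSwagger();
    app.UseSwaggerUi();

    // Request Logger
    app.UseRequestMiddleware();

    app.UseOpenIddict();

    // Mvc
    app.UseMvcWithDefaultRoute();

    // Seed the Database (if needed)
    try
    {
        dbSeeder.SeedAsync().Wait();
    }
    catch (AggregateException ex)
    {
        // Same exception type and message as before, but the original exception is
        // attached as InnerException so its stack trace and inner exceptions survive.
        throw new Exception(ex.ToString(), ex);
    }
}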
Мой метод ConfigureServices() выглядит следующим образом:
/// <summary>
/// Registers the application's services: options, configuration, MVC with string enum
/// serialization, the Entity Framework contexts, ASP.NET Identity, OpenIddict, the
/// application singletons and Swagger generation.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
public void ConfigureServices(IServiceCollection services)
{
    // One value shared by the four token lifetimes configured below (8 hours).
    var tokenLifetime = TimeSpan.FromHours(8);

    // Options support and the Configuration object itself, both resolvable through DI.
    services.AddOptions();
    services.AddSingleton<IConfiguration>(provider => this.Configuration);

    // MVC; enums are serialized through StringEnumConverter.
    services.AddMvc()
        .AddJsonOptions(json => json.SerializerSettings.Converters.Add(new StringEnumConverter()));

    // Entity Framework and the two SQL Server contexts (same connection string).
    services.AddEntityFramework();
    services.AddDbContext<DataDAL>(db => db.UseSqlServer(this.Configuration["ConnectionString"]));
    services.AddDbContext<UserDAL>(db =>
    {
        db.UseSqlServer(this.Configuration["ConnectionString"]);
        db.UseOpenIddict();
    });

    // ASP.NET Identity backed by UserDAL.
    services.AddIdentity<IdentityUser, IdentityRole>(identity =>
        {
            identity.User.RequireUniqueEmail = true;
            identity.Password.RequireNonAlphanumeric = true;
            identity.Cookies.ApplicationCookie.AutomaticChallenge = false;
        })
        .AddEntityFrameworkStores<UserDAL>()
        .AddDefaultTokenProviders();

    // OpenIddict services, using the default Entity Framework stores on UserDAL.
    services.AddOpenIddict(openIddict =>
    {
        openIddict.AddEntityFrameworkCoreStores<UserDAL>();

        // The HTTPS requirement is switched off; INT and PROD are said to redirect
        // HTTP to HTTPS.
        // NOTE(review): the call is unconditional, so it applies in every environment,
        // and the password flow sends user credentials to the token endpoint. Consider
        // limiting it to development.
        openIddict.DisableHttpsRequirement();

        // Without the MVC binders, OpenIdConnectRequest / OpenIdConnectResponse
        // parameters cannot be bound in controller actions.
        openIddict.AddMvcBinders();

        // Authorization, logout, token and userinfo endpoints.
        openIddict.EnableAuthorizationEndpoint("/connect/authorize");
        openIddict.EnableLogoutEndpoint("/connect/logout");
        openIddict.EnableTokenEndpoint("/connect/token");
        openIddict.EnableUserinfoEndpoint("/Account/Userinfo");

        // Access token, authorization code, identity token and refresh token all get
        // the same lifetime.
        // NOTE(review): authorization codes are normally kept much shorter-lived than
        // access tokens; confirm the 8-hour value is intended.
        openIddict.SetAccessTokenLifetime(tokenLifetime);
        openIddict.SetAuthorizationCodeLifetime(tokenLifetime);
        openIddict.SetIdentityTokenLifetime(tokenLifetime);
        openIddict.SetRefreshTokenLifetime(tokenLifetime);

        // Only the password and refresh token flows are allowed; the authorization
        // code flow is left disabled.
        // .AllowAuthorizationCodeFlow()
        openIddict.AllowPasswordFlow();
        openIddict.AllowRefreshTokenFlow();

        // "client_id" becomes mandatory on token requests.
        openIddict.RequireClientIdentification();

        // An ephemeral signing key is discarded when the application shuts down, which
        // invalidates the tokens signed with it; it is meant for development only.
        // NOTE(review): it is registered together with the persistent certKey below.
        // Which key ends up signing tokens may depend on registration order; verify,
        // and drop this call if certKey is the intended signing key.
        openIddict.AddEphemeralSigningKey();
        openIddict.UseJsonWebTokens();
        openIddict.AddSigningKey(this.certKey);
    });

    // User database seeder.
    services.AddSingleton<DealerFrontendUserDALSeeder>();

    // Singleton instances.
    services.AddSingleton<RequestLoggingRepository>();
    services.AddSingleton<ITokenService>(provider => TokenServiceFactory.NewInstance(this.Configuration));

    // Swagger, with the Authorization header operation filter.
    services.AddSwaggerGen(swagger => swagger.OperationFilter<AuthorizationHeaderParameterOperationFilter>());
}
Это метод AuthorizationController, в котором запрос всегда равен null.
/// <summary>
/// Request an authentication Token
/// </summary>
/// <returns></returns>
[HttpPost("~/connect/token")]
[Produces("application/json")]
public async Task<IActionResult> Exchange()
{
try
{
var request = this.HttpContext.GetOpenIdConnectRequest();
Версии пакетов: OAuth.Validation 1.0.0, OpenIddict 1.0.0-rc2
Есть идеи, что я делаю неправильно или чего мне не хватает? Заранее спасибо.