无法从 IdentityServer4 获取配置

【问题标题】:Unable to obtain configuration from IdentityServer4无法从 IdentityServer4 获取配置
【发布时间】:2019-04-28 05:52:48
【问题描述】:

欢迎, 这是我第一次尝试使用 Docker 容器来托管服务。我有两个服务:Integrity-IdentityIntegrity-API

Integrity-Identity 正在使用最新版本的 IdentityServer4。这是Integrity-IdentityStartup.cs的配置:

public IServiceProvider ConfigureServices(IServiceCollection services) {
        services.AddDbContext<IntegrityIdentityContext>(options =>
            options.UseSqlServer(Configuration["connectionString"]));

        services.AddIdentity<ApplicationUser, IdentityRole>()
            .AddEntityFrameworkStores<IntegrityIdentityContext>()
            .AddDefaultTokenProviders();

        services.AddMvc();

        services.AddIdentityServer(options => {
                options.IssuerUri = null;
            })
            .AddSigningCredential(Certificate.Certificate.Get())
            .AddInMemoryIdentityResources(Config.GetIdentityResources())
            .AddInMemoryApiResources(Config.GetApiResources())
            .AddInMemoryClients(Config.GetClients())
            .AddAspNetIdentity<ApplicationUser>()
            .AddCorsPolicyService<InMemoryCorsPolicyService>();

        RegisterEventBus(services);
        services.AddTransient<Seeder>();

        var container = new ContainerBuilder();
        container.Populate(services);

        return new AutofacServiceProvider(container.Build());
    }

    public void Configure(IApplicationBuilder app, IHostingEnvironment env) {
        if (env.IsDevelopment()) {
            app.UseDeveloperExceptionPage();
        }

        app.UseCors(builder => builder.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod().AllowCredentials());
        app.UseIdentityServer();
        ConfigureEventBus(app);
        app.UseMvcWithDefaultRoute();
    }

这里是Integrity-APIStartup类:

public IServiceProvider ConfigureServices(IServiceCollection services) {
        services.AddDbContext<IntegrityApiContext>(options =>
            options.UseSqlServer(Configuration["secrets:connectionString"]));

        services.AddMvcCore()
            .AddAuthorization()
            .AddJsonFormatters();

        services.AddAuthentication("Bearer")
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority = Configuration["IdentityUrl"];
                options.ApiName = "integrity_api";
                options.RequireHttpsMetadata = false;
            });

        services.AddCors(options => { 
            options.AddPolicy("CorsPolicy",
                builder => builder.AllowAnyOrigin()
                    .AllowAnyMethod()
                    .AllowAnyHeader()
                    .AllowCredentials());
        });

        var container = new ContainerBuilder();
        container.Populate(services);

        return new AutofacServiceProvider(container.Build());
    }

docker-compose.override.yml(我附上了,但我不知道这对这个问题是否重要)

integrity.identity:
  environment:
    - ASPNETCORE_ENVIRONMENT=Development
    - ASPNETCORE_URLS=https://0.0.0.0:443
    - ASPNETCORE_HTTPS_PORT=443
    - EventBusConnection=rabbitmq
  ports:
    - "5105:443"
  volumes:
    - ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro

integrity.api:
  environment:
    - ASPNETCORE_ENVIRONMENT=Development
    - ASPNETCORE_URLS=https://+:443
    - ASPNETCORE_HTTPS_PORT=443
    - EventBusConnection=rabbitmq
    - IdentityUrl=https://integrity.identity
    - ApiUrl=https://integrity.api
  ports:
    - "5115:443"
  volumes:
    - ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro

当我尝试使用 [Authorize] 属性和生成的令牌从控制器获取资源时,Identity-API 返回:

System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://integrity.identity/.well-known/openid-configuration'.
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationHandler.HandleAuthenticateAsync() in C:\local\identity\server4\AccessTokenValidation\src\IdentityServerAuthenticationHandler.cs:line 61
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

编辑 1

我忘记在浏览器中添加 /.well-known/openid-configuration 作品,并且证书/https 是正确的并且可以在没有任何警告的情况下工作。

【问题讨论】:

标签: c# asp.net-core docker-compose identityserver4 asp.net-core-webapi


【解决方案1】:

我找到了解决这个问题的方法。该问题是由自签名本地证书引起的。对于本地开发,我只需要从 HTTPS 更改为 HTTP。就是这样。

【讨论】:

  • 您能否详细说明将 https 更改为 http 的含义?你已经设置了 options.RequireHttpsMetadata = false;
  • 我在 docker compose 中运行身份时也面临同样的问题,并面临错误“System.InvalidOperationException: IDX20803: Unable to get configuration from: 'localhost:44338/.well-known/openid-configuration” 你能解释一下吗更多详细信息,我可以将 HTTPS 更改为 HTTP
  • 我通过在VS中右键单击它使用项目设置更改了它。
猜你喜欢
  • 2021-01-18
  • 1970-01-01
  • 2018-09-30
  • 1970-01-01
  • 1970-01-01
  • 2019-05-19
  • 2020-06-26
  • 2020-05-26
  • 2016-10-08
相关资源
最近更新 更多
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode