I’m trying to implement the Authorization Code Flow with Identity Server 3. After doing some work, it seems that it is working Ok (the client receives the authorization code and then it changes it for id_token and access_token). The only problem that I’m having is that the IDS3 log is printing the following error:
I have the following configuration for the Client:
new Client
{
ClientName = "FHICT_CLIENT",
ClientId = "FHICT_CLIENT",
Enabled = true,
RequireConsent=false,
RedirectUris= new List<string>{"https://localhost/F-OpenID/login.php", "http://localhost/F-OpenID/login.php"},
Flow = Flows.AuthorizationCode,
ClientSecrets = new List<Secret>
{
new Secret("MARTIN".Sha256())
},
AllowedScopes = new List<string>
{
"roles",
"openid",
"profile",
"email",
}
}
I don’t know why is reading/ trying to read the Authorization Code more than one time. Moreover the Client is just receiving and sending the Authorization Code.
I have read the documentation and also the OpenId protocol, but I am still new to this subject. I got lost between Authorization Server obtains End-User Consent/Authorization. and Authorization Server sends the End-User back to the Client with an Authorization Code.
As attached file I'm sending you the IDS3 log. I would appreciate if you can share with me some thoughts about this. The bright side is that the client is receiving the id_token and access_token,
Hi,
I’m trying to implement the Authorization Code Flow with Identity Server 3. After doing some work, it seems that it is working Ok (the client receives the authorization code and then it changes it for id_token and access_token). The only problem that I’m having is that the IDS3 log is printing the following error:
iisexpress.exe Error: 0 : 2015-11-11 10:41:43.461 +13:00 [Error] Invalid authorization code: 83f13f98a458db02cd00e42c6cdaf7cb
I have the following configuration for the Client:
I don’t know why is reading/ trying to read the Authorization Code more than one time. Moreover the Client is just receiving and sending the Authorization Code.
I have read the documentation and also the OpenId protocol, but I am still new to this subject. I got lost between Authorization Server obtains End-User Consent/Authorization. and Authorization Server sends the End-User back to the Client with an Authorization Code.
As attached file I'm sending you the IDS3 log. I would appreciate if you can share with me some thoughts about this. The bright side is that the client is receiving the id_token and access_token,
Thanks a lot,
Martin