search

IdentityServer / IdentityServer4

OpenID Connect and OAuth 2.0 Framework for ASP.NET Core
https://identityserver.io
Apache License 2.0
9.23k stars 4.02k forks source link

Getting an invalid_request response #1587

Closed gdubs closed 7 years ago

gdubs commented 7 years ago

Trying to follow this getting started tutorial for IdentityServer and I'm currently trying to get my first token (https://www.scottbrady91.com/Identity-Server/Getting-Started-with-IdentityServer-4) \

This is the one I sent:

http://localhost:15319/connect/token?grant_type=client_credentials&scope=customAPI.read&client_id=oauthClient&client_secret=superSecretPassword

But, I'm getting a response.

{
    "error": "invalid_client"
}

Following are the logs, but I can't seem to find online what I'm doing wrong why the secret and identifier could not be found.

This is what my startup.cs looks like

public class Startup
    {
        public Startup(ILoggerFactory loggerFactory, IHostingEnvironment environment)
        {
            var serilog = new LoggerConfiguration()
                .MinimumLevel.Verbose()
                .Enrich.FromLogContext()
                .WriteTo.File(@"gor_identityserver4_log.txt");

            if (environment.IsDevelopment())
            {
                serilog.WriteTo.LiterateConsole(outputTemplate: "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message}{NewLine}{Exception}{NewLine}");
            }

            loggerFactory
                .WithFilter(new FilterLoggerSettings
                {
                    { "IdentityServer", LogLevel.Debug },
                    { "Microsoft", LogLevel.Information },
                    { "System", LogLevel.Error },
                })
                .AddSerilog(serilog.CreateLogger());
        }

        // This method gets called by the runtime. Use this method to add services to the container.
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddIdentityServer()
                    .AddInMemoryClients(Clients.Get())
                    .AddInMemoryIdentityResources(Resources.GetIdentityResources())
                    .AddInMemoryApiResources(Resources.GetApiResources())
                    .AddTestUsers(MockUsers.Get())
                    .AddTemporarySigningCredential();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
           // loggerFactory.AddConsole(LogLevel.Trace);

            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            //        await context.Response.WriteAsync(message);
            //    });
            //});

            //app.Run(async (context) =>
            //{
            //    await context.Response.WriteAsync("Hello World!");
            //});

            app.UseIdentityServer();
        }
    }

Relevant parts of the log file

2017-10-05 16:11:29.689 +08:00 [Information] Request starting HTTP/1.1 POST http://localhost:15319/connect/token application/x-www-form-urlencoded 491
2017-10-05 16:11:29.711 +08:00 [Debug] CORS request made for path: "/connect/token" from origin: "chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop"
2017-10-05 16:11:29.720 +08:00 [Debug] Client list checked and origin: "chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop" is not allowed
2017-10-05 16:11:29.724 +08:00 [Warning] CorsPolicyService did not allow origin: "chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop"
2017-10-05 16:11:29.733 +08:00 [Debug] Request path "/connect/token" matched to endpoint type Token
2017-10-05 16:11:29.741 +08:00 [Debug] Mapping found for endpoint: Token, creating handler: "IdentityServer4.Endpoints.TokenEndpoint"
2017-10-05 16:11:29.787 +08:00 [Information] Invoking IdentityServer endpoint: "IdentityServer4.Endpoints.TokenEndpoint" for "/connect/token"
2017-10-05 16:11:29.796 +08:00 [Verbose] Processing token request.
2017-10-05 16:11:29.822 +08:00 [Debug] Start token request.
2017-10-05 16:11:29.834 +08:00 [Debug] Start client validation
2017-10-05 16:11:29.842 +08:00 [Debug] Start parsing Basic Authentication secret
2017-10-05 16:11:29.848 +08:00 [Debug] Start parsing for secret in post body
2017-10-05 16:11:29.895 +08:00 [Debug] No secret in post body found
2017-10-05 16:11:29.897 +08:00 [Debug] Parser found no secret
2017-10-05 16:11:29.905 +08:00 [Error] No client identifier found
2017-10-05 16:11:29.909 +08:00 [Verbose] Invoking result: "IdentityServer4.Endpoints.Results.TokenErrorResult"
2017-10-05 16:11:30.207 +08:00 [Information] Request finished in 517.5191ms 400 application/json
brockallen commented 7 years ago

Read the docs: http://docs.identityserver.io/en/release/endpoints/token.html

gdubs commented 7 years ago

I read it. And I have the required parameters on my body / query string. I'm using client_credentials grant_type.

I found the parser file for identityserver3. I'm assuming it's doing the same thing for 4? If so, I'm not sure why it's not finding the client_secret that I have on my post request

brockallen commented 7 years ago

POST params != query params

gdubs commented 7 years ago

found out what happened. I have to use "raw" when I post it with Postman and not form data.

lock[bot] commented 4 years ago

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.