error: At least one OAuth2/OpenID Connect flow must be enabled.

capesean / openiddict-test

Example ASP.NET V5 project that issues & validates JWT tokens

61 stars 16 forks source link

error: At least one OAuth2/OpenID Connect flow must be enabled. #20

Closed fopsdev closed 8 years ago

fopsdev commented 8 years ago

got this error with newest bits (visual studio update 3 including a kb patch from today) on a fresh git clone:

System.InvalidOperationException was unhandled by user code
  HResult=-2146233079
  Message=At least one OAuth2/OpenID Connect flow must be enabled.
  Source=OpenIddict.Core
  StackTrace:
       at Microsoft.AspNetCore.Builder.OpenIddictExtensions.UseOpenIddict(IApplicationBuilder app)
       at openiddicttest.Startup.Configure(IApplicationBuilder app, IDatabaseInitializer databaseInitializer)

kevinchalet commented 8 years ago

With the latest OpenIddict bits, all the endpoints are disabled by default and flows must be enabled manually.

Calling EnableTokenEndpoint() and AllowPasswordFlow() should be enough:

services.AddOpenIddict<ApplicationUser, ApplicationRole, ApplicationDbContext>()
    .DisableHttpsRequirement()
    .EnableTokenEndpoint("/connect/token")
    .AllowPasswordFlow()
    .UseJsonWebTokens();

fopsdev commented 8 years ago

yeah that was it :) thanks will make a PR if possible

kevinchalet commented 8 years ago

In the meantime, maybe you should leave this ticket open to make it more visible?

fopsdev commented 8 years ago

ok, good idea

DavidDury commented 8 years ago

You have also to AllowRefreshTokenFlow(), otherwise you will get : "The 'offline_access' scope is not allowed."

 services.AddOpenIddict<ApplicationUser, ApplicationRole, ApplicationDbContext>()
            .DisableHttpsRequirement()
            .EnableTokenEndpoint("/connect/token")
            .AllowPasswordFlow()
            .AllowRefreshTokenFlow()
            .UseJsonWebTokens();

fopsdev commented 8 years ago

I've just added it to the PR, thanks