search

openiddict / openiddict-core

Flexible and versatile OAuth 2.0/OpenID Connect stack for .NET
https://openiddict.com/
Apache License 2.0
4.47k stars 528 forks source link

The payload data in the screenshot appears to be in a binary or encoded format that isn't directly readable. #2151

Closed saineshwar closed 4 months ago

saineshwar commented 4 months ago

Confirm you've already contributed to this project or that you sponsor it

Version

5.7.0

Describe the bug

The payload data in the screenshot appears to be in a binary or encoded format that isn't directly readable.

image

To reproduce

using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using WebClient.EfData;
using WebOpeniddictDemo.EfData;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services.AddControllersWithViews();

builder.Services.AddDbContext<ApplicationDbContext>(options =>
{
    // Configure Entity Framework Core to use Microsoft SQL Server.
    options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection"));

    // Register the entity sets needed by OpenIddict.
    // Note: use the generic overload if you need to replace the default OpenIddict entities.
    options.UseOpenIddict();
});

// Register the Identity services.
builder.Services.AddIdentity<ApplicationUser, IdentityRole>()
    .AddEntityFrameworkStores<ApplicationDbContext>()
    .AddDefaultTokenProviders();

builder.Services.AddOpenIddict()
    // Register the OpenIddict core components.
    .AddCore(options =>
    {
        // Configure OpenIddict to use the Entity Framework Core stores and models.
        // Note: call ReplaceDefaultEntities() to replace the default OpenIddict entities.
        options.UseEntityFrameworkCore()
            .UseDbContext<ApplicationDbContext>();
    })

    // Register the OpenIddict server components.
    .AddServer(options =>
    {
        // Enable the token endpoint.
        options.SetTokenEndpointUris("connect/token");

        // Enable the client credentials flow.
        options.AllowClientCredentialsFlow();

        // Register the signing and encryption credentials.
        options.AddDevelopmentEncryptionCertificate()
            .AddDevelopmentSigningCertificate();

        // Register the ASP.NET Core host and configure the ASP.NET Core-specific options.
        options.UseAspNetCore()
            .EnableTokenEndpointPassthrough();

        options.IgnoreEndpointPermissions();
    })

    // Register the OpenIddict validation components.
    .AddValidation(options =>
    {
        // Import the configuration from the local OpenIddict server instance.
        options.UseLocalServer();

        // Register the ASP.NET Core host.
        options.UseAspNetCore();
    });

var app = builder.Build();

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Home/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();

app.UseAuthorization();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}");

app.Run();

Exceptions (if any)

The payload data in the screenshot appears to be in a binary or encoded format that isn't directly readable.
kevinchalet commented 4 months ago

Hi,

Support is reserved to sponsors and contributors. For more information on how to sponsor the project on GitHub, visit https://github.com/sponsors/kevinchalet.

Hope to see you on board soon!

saineshwar commented 4 months ago

Adding DisableAccessTokenEncryption worked for me.

options
     .AddEphemeralEncryptionKey()
     .AddEphemeralSigningKey()
     .DisableAccessTokenEncryption();