Invalid_client using OpenIdConnect in client appli

Posted 2020-04-07 17:22

Question:

I have an IdentityServer4 application running with ASP.NET Identity. I want to use that so users from another application can login through my remote identity server.

I have configured a client application in identity server with the following settings (showing only relevant settings):

ClientId: mvc
ProtocolType: oidc
ClientSecret: K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=

(URLs to client app)
RedirectUri: https://localhost:44313/signin-oidc
PostLogoutRedirectUri: https://localhost:44313/signout-callback-oidc

GrantType: Hybrid

My client application (server side Blazor app) has the following settings configured in Startup.cs.

        // Namespaces needed by the snippet below (it sits inside ConfigureServices)
        // using Microsoft.AspNetCore.Authentication.Cookies;
        // using Microsoft.AspNetCore.Authentication.OpenIdConnect;
        // using Microsoft.IdentityModel.Protocols.OpenIdConnect;

        // Add authentication: the cookie scheme holds the local session,
        // OpenID Connect is used to challenge (redirect to IdentityServer)
        services.AddAuthentication(options =>
        {
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        })
        .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
        {
            options.RequireHttpsMetadata = false; // development only: the authority below is plain http
            options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.Authority = "http://localhost:5000/"; // local identity server url
            options.ClientId = "mvc";
            options.ClientSecret = "K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=";
            options.ResponseType = OpenIdConnectResponseType.CodeIdToken; // hybrid flow, matches GrantType: Hybrid
            options.SaveTokens = true;
            options.GetClaimsFromUserInfoEndpoint = true;
            // Scope is a collection: add each requested scope as its own entry
            options.Scope.Add("openid");
            options.Scope.Add("profile");
            options.Scope.Add("web_api");
        });

When I start my client app, I get redirected to my IdentityServer login page. I can then log in with a username and password. When I log in, I get redirected back to my client application at https://localhost:44313/signin-oidc.

But then I get the following error on that page:

OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'error_description is null', error_uri: 'error_uri is null'.

To me it looks like I am using the correct ClientId?

What am I doing wrong?

Answer 1:

ClientSecret should contain the unencrypted value. Take a look at the documentation.

In your case, secret.

options.ClientSecret = "secret";

I didn't look further, so if this change doesn't solve it then please let me know.
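Worked illustration of why the value stored on the IdentityServer side and the value configured on the client side differ, as an added example that is not part of the original answer and not IdentityServer's own code. It mirrors in Python what IdentityServer4's `Sha256()` helper does to a client secret (UTF-8 bytes, SHA-256, base64): the server stores the hash, the client presents the plaintext, and the server hashes what it receives before comparing. The function names and the verdict strings returned by `diagnose()` are this example's own; the stored hash is the one from the question.

```python
import base64
import hashlib
import hmac


def identityserver_secret_hash(plain_secret: str) -> str:
    """Hash a shared secret the way IdentityServer4's Sha256() extension does:
    UTF-8 bytes -> SHA-256 -> base64. This is the value kept in the client's
    ClientSecrets configuration; the client application never sends it."""
    digest = hashlib.sha256(plain_secret.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def verify_shared_secret(stored_hash: str, presented_secret: str) -> bool:
    """Model of the server-side check at the token endpoint: hash what the
    client presented and compare it with the stored hash in constant time."""
    return hmac.compare_digest(
        identityserver_secret_hash(presented_secret).encode("ascii"),
        stored_hash.encode("ascii"),
    )


# Stored hash from the question; it is the hash of the plaintext "secret".
STORED_HASH = "K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols="


def diagnose(stored_hash: str, presented_secret: str) -> str:
    """Verdict for a stored hash / presented secret pair (verdict strings are
    this example's own, not IdentityServer's error_description). It separates
    the mistake in the question, presenting the stored hash as if it were the
    secret, from a plain wrong secret."""
    if verify_shared_secret(stored_hash, presented_secret):
        return "ok"
    if presented_secret == stored_hash:
        return ("invalid_client: client sent the stored hash; "
                "configure the plaintext secret on the client instead")
    return "invalid_client: secret does not match"


if __name__ == "__main__":
    print(identityserver_secret_hash("secret"))  # same string as STORED_HASH
    print(diagnose(STORED_HASH, STORED_HASH))     # the question's configuration
    print(diagnose(STORED_HASH, "secret"))        # the configuration from the answer
```

Configuring the hash on the client makes the server hash it a second time, so the comparison can never succeed; that is the whole reason the token request is rejected with `invalid_client` even though the client id is right.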