IdentityServer error: "idp claim is missing"

Posted 2021-02-15 14:32

An ASP.NET Core project using IdentityServer4 throws an error when it redirects to /connect/authorize/callback after login completes. The corresponding error log is as follows:

Unhandled exception: idp claim is missing
System.InvalidOperationException: idp claim is missing
   at IdentityServer4.Extensions.PrincipalExtensions.GetIdentityProvider(IIdentity identity)
   at IdentityServer4.Extensions.PrincipalExtensions.GetIdentityProvider(IPrincipal principal)
   at IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator.ProcessLoginAsync(ValidatedAuthorizeRequest request)
   at IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator.ProcessInteractionAsync(ValidatedAuthorizeRequest request, ConsentResponse consent)
   at IdentityServer4.Endpoints.AuthorizeEndpointBase.ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent)
   at IdentityServer4.Endpoints.AuthorizeEndpoint.ProcessAsync(HttpContext context)
   at IdentityServer4.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IEndpointRouter router, IUserSession session, IEventService events, IBackChannelLogoutService backChannelLogoutService)

How can this be solved?

2 answers
来,给爷笑一个
#2 · 2021-02-15 15:12

In the OIDC specification for the ID token, idp is not required; iss, sub, and the two validity-time fields are required.

The error here is probably a requirement of ids4's own implementation.

爷的心禁止访问
#3 · 2021-02-15 15:37

Solved it with the code below; for details, see the blog post "Solving the problem of separating authorization and login in IdentityServer".

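// Build the session user; the constructor argument becomes the sub claim.
var isu = new IdentityServerUser(userId.ToString());
// CreatePrincipal() emits this as the idp claim that the exception reports missing.
isu.IdentityProvider = IdentityServerConstants.LocalIdentityProvider;
// Emitted as the amr and auth_time claims.
isu.AuthenticationMethods.Add(OidcConstants.AuthenticationMethods.Password);
isu.AuthenticationTime = DateTime.UtcNow;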

await HttpContext.SignInAsync(
    IdentityServerAuthentication.DefaultScheme,
    isu.CreatePrincipal());
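
A check a separate login page could run before calling SignInAsync, so that an incomplete session principal is caught at sign-in time rather than at /connect/authorize/callback. This is an added example, not code from the thread or from IdentityServer4; the class name SessionClaimCheck and the sample principals are assumptions, and the claim type strings are the ones IdentityServer4's PrincipalExtensions look up.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

// Hypothetical helper (not part of IdentityServer4).
public static class SessionClaimCheck
{
    // Claim types that IdentityServer4's PrincipalExtensions read from the
    // session principal and throw InvalidOperationException on when absent.
    private static readonly string[] Required = { "sub", "idp", "auth_time" };

    // Returns the required claim types that the principal does not carry.
    public static IReadOnlyList<string> Missing(ClaimsPrincipal principal) =>
        Required.Where(t => !principal.HasClaim(c => c.Type == t)).ToList();

    // Fail closed: refuse to issue the session cookie for an incomplete principal.
    public static void EnsureComplete(ClaimsPrincipal principal)
    {
        var missing = Missing(principal);
        if (missing.Count > 0)
            throw new InvalidOperationException(
                "session principal lacks: " + string.Join(", ", missing));
    }

    public static void Main()
    {
        // Constructed sample: a login page that only records the user id.
        var bare = new ClaimsPrincipal(new ClaimsIdentity(
            new[] { new Claim("sub", "42") }, "Cookies"));

        // Constructed sample: the same user with the claims set in the answer above
        // ("local" and "pwd" are the values of the constants used there).
        var now = DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString();
        var full = new ClaimsPrincipal(new ClaimsIdentity(new[]
        {
            new Claim("sub", "42"),
            new Claim("idp", "local"),
            new Claim("auth_time", now),
            new Claim("amr", "pwd"),
        }, "Cookies"));

        Console.WriteLine("bare is missing: " + string.Join(", ", Missing(bare)));
        EnsureComplete(full); // passes without throwing
        Console.WriteLine("full is missing: " + Missing(full).Count + " claims");
    }
}
```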