IdentityServer nodejs令牌问题

我试图在身份服务器上授权我的nodejs服务器。 我在nodejs中使用passport-openidconnect库。 我的nodejs代码: 

var express = require('express'); var session = require('express-session'); var RedisStore = require('connect-redis')(session); var Strategy = require('passport-openidconnect').Strategy; module.exports.configure = function configure(app, passport) { var auth = { authorizationURL: 'https://localhost:44333/core/connect/authorize', tokenURL: 'https://localhost:44333/core/connect/token', userInfoURL: 'https://localhost:44333/core/connect/userinfo', clientID: 'NodeJsClient', clientSecret: 'fakeSecret', callbackURL: '/auth/callback', scope: 'openid profile email offline_access', responseType: "id_token" }; app.use(session({ secret: 'someSecret', resave: false, saveUninitialized: false, secure: true, store: new RedisStore({ host: '127.0.0.1', port: 6379 }) } )); app.use(passport.initialize()); app.use(passport.session()); passport.use(new Strategy(auth, function (iss, sub, profile, jwtClaims, accessToken, refreshToken, params, verified) { verified(null, Object.assign({}, profile, {token: accessToken})); })); passport.serializeUser(function (user, done) { done(null, {id: user.id, name: user.displayName, token: user.token}); }); passport.deserializeUser(function (user, done) { done(null, user); }); app.get('/auth/login', passport.authenticate('openidconnect', {})); app.get('/auth/callback', passport.authenticate('openidconnect', {}), function (req, res) { if (!req.user) { throw new Error('user null'); } res.redirect("/"); } ); };

身份服务器端: 

 new Client() { ClientId = "NodeJsClient", ClientName = "Nodejs Demo Client", AccessTokenType = AccessTokenType.Jwt, ClientSecrets = new List<Secret>() { new Secret("fakeSecret".Sha256()) }, Flow = Flows.AuthorizationCode, RedirectUris = new List<string>() { "http://localhost:5200/auth/callback" }, AllowedScopes = new List<string>() { Constants.StandardScopes.OpenId, Constants.StandardScopes.Profile, Constants.StandardScopes.Email, Constants.StandardScopes.Roles, Constants.StandardScopes.Address, Constants.StandardScopes.OfflineAccess }, AccessTokenLifetime = 3600 }

而当我试图授权后允许个人数据的权限我有错误:

InternalOAuthError:未能获取访问令牌

我想通过redirect请求没有令牌给我的应用程序。 哪里有问题? 和你有良好的loggingnodejs库进行工作

OpenID Connect

我想清楚问题在哪里 Iside passport-openidconnect我发现更详细的错误: "Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE" 。 解决这个问题中所描述的。 此时解决scheme完全满足我。

    Interesting Posts

    如何在ReactJs组件中调用oidc-client signinSilentCallback