如何解决如何使用 node oidc provider 获取用户信息
我获得了访问令牌,我会将 access_token 传递给 userinfo 端点,它会抛出一个提供的令牌无效错误如何解决此问题。我试图调试为什么会抛出这个错误我们有 validateAccesstoken 方法(userinfo.js) 在这个方法中检查 access_token 是否存在使用此代码 await ctx.oidc.provider.Accesstoken .find(accesstokenValue); 当我打印这个结果时它显示 undefined
oidc_configuration.js
const oidc = new Provider('http://localhost:3000',{
clients: [
{
client_id: 'oidcclIENT',client_secret: '...',grant_types: ['refresh_token','authorization_code'],redirect_uris: ['http://sso-client.dev/providers/7/open_id','http://sso-client.dev/providers/8/open_id'],}
],interactions: {
url(ctx,interaction) { // eslint-disable-line no-unused-vars
return `/api/v1/open_id/interaction/${interaction.uid}`;
},},cookies: {
keys: ['some secret key','and also the old rotated away some time ago','and one more'],claims: {
address: ['address'],email: ['email','email_verified'],phone: ['phone_number','phone_number_verified'],profile: ['birthdate','family_name','gender','given_name','locale','middle_name','name','nickname','picture','preferred_username','profile','updated_at','website','zoneinfo'],features: {
devInteractions: { enabled: false },// defaults to true
deviceFlow: { enabled: true },// defaults to false
revocation: { enabled: true },// defaults to false
},jwks: {
keys: [
{
d: 'VEZOsY07JTFzGTqv6cC2Y32vsfChind2I_TTuvV225_-0zrSej3XLRg8iE_u0-3GsgiGi4WImmTwmEgLo4Qp3uEcxCYbt4NMJC7fwT2i3dfRZjtZ4yJwFl0SIj8TgfQ8ptwZbFZUlcHGXZIr4nL8GXyQT0CK8wy4COfmymHrrUoyfZA154ql_OsoiupSUCRcKVvZj2JHL2KILsq_sh_l7g2dqAN8D7jYfJ58MkqlknBMa2-zi5I0-1JUOwztVNml_zGrp27UbEU60RqV3GHjoqwI6m01U7K0a8Q_SQAKYGqgepbAYOA-P4_TLl5KC4-WWBZu_rVfwgSENwWNEhw8oQ',dp: 'E1Y-SN4bQqX7kP-bNgZ_gEv-pixJ5F_EGocHKfS56jtzRqQdTurrk4jIVpI-ZITA88lWAHxjD-OaoJUh9Jupd_lwD5Si80PyVxOMI2xaGQiF0lbKJfD38Sh8frRpgelZVaK_gm834B6SLfxKdNsP04DsJqGKktODF_fZeaGFPH0',dq: 'F90JPxevQYOlAgEH0TUt1-3_hyxY6cfPRU2HQBaahyWrtcwpaOzenKZnvGFZdg-BuLVKjCchq3G_70OLE-XDP_ol0UTJmDTT-WyuJQdEMpt_WFF9yJGoeIu8yohfeLatU-67ukjghJ0s9CBzNE_LrGEV6Cup3FXywpSYZAV3iqc',e: 'AQAB',kty: 'RSA',n: 'xwQ72P9z9OYshiQ-ntDYaPnnfwG6u9JAdLMZ5o0dmjlcyrvwQRdoFIKPnO65Q8mh6F_LDSxjxa2Yzo_wdjhbPZLjfUJXgCzm54cclXzT5twzo7lzoAfaJlkTsoZc2HFWqmcri0BuzmTFLZx2Q7wYBm0pXHmQKF0V-C1O6NWfd4mfBhbM-I1tHYSpAMgarSm22WDMDx-WWI7TEzy2QhaBVaENW9BKaKkJklocAZCxk18WhR0fckIGiWiSM5FcU1PY2jfGsTmX505Ub7P5Dz75Ygqrutd5tFrcqyPAtPTFDk8X1InxkkUwpP3nFU5o50DGhwQolGYKPGtQ-ZtmbOfcWQ',p: '5wC6nY6Ev5FqcLPCqn9fC6R9KUuBej6NaAVOKW7GXiOJAq2WrileGKfMc9kIny20zW3uWkRLm-O-3Yzze1zFpxmqvsvCxZ5ERVZ6leiNXSu3tez71ZZwp0O9gys4knjri-9w46l_vFuRtjL6XEeFfheZFaNJpz-lcnb3w0okrbM',q: '3I1qeEDslZFB8iNfpKAdWtz_Wzm6-jayT_V6aIvhvMj5mnU-Xpj75zLPQSGa9wunMlOoZW9w1wDO1FVuDhwzeOJaTm-Ds0MezeC4U6nVGyyDHb4cua3ml2tzt4yLrqGYMT7XbADSvuWYADHw79OFjEi4T3s3tJymhaBvy1ulv8M',qi: 'wSbXte9PcPtr788e713KHQ4waE26CzoXx-JNOgN0iqJMN6C4_XJEX-cSvCZDf4rh7xpXN6SGLVd5ibIyDJi7bbi5EQ5AXjazPbLBjRthcGXsIuZ3AtQyR0CEWNSdM7EyM5TRdyZQ9kftfz9nI03guW3iKKASETqX2vh0Z8XRjyU',use: 'sig',{
crv: 'P-256',d: 'K9xfPv773dZR22TVUB80xouzdF7qCg5cWjPjkHyv7Ws',kty: 'EC',x: 'FWZ9rSkLt6Dx9E3pxLybhdM6xgR5obGsj5_pqmnz5J4',y: '_n8G69C-A2Xl4xUW2lF0i8ZGZnk_KPYrhv4GbTGu5G4',],});
// Heroku has a proxy in front that terminates ssl,you should trust the proxy.
oidc.proxy = true;
const callback = oidc.callback();
解决方法
您在没有持久适配器的情况下运行,这意味着使用内存中的适配器,您是否可能在调用 userinfo 端点之前收到访问令牌后重新启动服务器?
,完成认证后,您将获得 access_token 和 id_token。我认为您使用 id_token 代替了 access_token,这就是您看到该错误的原因
改为使用 access_token 即可查看详情
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
