如何解决为 SwaggerUI 启用 AuthUsePkce 但服务器返回 pkce_missing_challenge
我在我的 asp net core 3.0 应用程序中使用了 Swashbuckle 的 v5.0.0 版:
options.AddSecurityDeFinition("OAuth2",new OpenApiSecurityScheme
{
Type = SecuritySchemeType.OAuth2,Flows = new OpenApiOAuthFlows
{
AuthorizationCode = new OpenApiOAuthFlow
{
AuthorizationUrl = new Uri("https://my.okta.com/oauth2/v1/authorize"),TokenUrl = new Uri("https://my.okta.com/oauth2/v1/token"),Scopes = new Dictionary<string,string>
{
{ "openid","desc" }
},}
},Description = "Balea Server OpenId Security Scheme"
});
app.UseSwaggerUI(options =>
{
options.RoutePrefix = "docs";
options.OAuthScopeSeparator(",");
options.OAuthUsePkce();
});
但是认证服务器返回错误:
pkce_missing_challenge
这里是Auth服务器收到的请求日志:
/oauth2/v1/authorize?response_type=code&client_id=xxxxxxxxxxxxx&redirect_uri=https%3A%2F%2Flocalhost%3A8002%2Fdocs%2Foauth2-redirect.html&scope=openid&state=VHVlIE1hciAwMiAyMDIxIDExOjIyOjM3IednVCswMDAwIChXZXN0ZXJuIEV1cm9wZWFuIFN0YW5kYXJkIFRpbWUp
解决方法
因此,由于 this,我使用了以下配置而不是“Pkce”:
options.AddSecurityDefinition("OAuth2",new OpenApiSecurityScheme
{
Type = SecuritySchemeType.OAuth2,Flows = new OpenApiOAuthFlows
{
Implicit = new OpenApiOAuthFlow
{
AuthorizationUrl = new Uri($"mydomain.com/oauth2/default/v1/authorize"),TokenUrl = new Uri($"mydomain.com/oauth2/default/v1/token"),Scopes = new Dictionary<string,string>
{
{ "openid","test" },},}
},});
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。