angular - Docker 和身份服务器 4、api、angular:无法分配请求的地址
问题描述
我在 macos 中设置了一个 docker(但应该在任何环境中工作):
1) 在容器中运行的身份服务器 4
启动设置:
"MacTest": {
"commandName": "Project",
"environmentVariables": {
"ASPNETCORE_HTTPS_PORT": "44000",
"ASPNETCORE_ENVIRONMENT": "MacTest"
},
"applicationUrl": "https://0.0.0.0:44000"
}
dockerfile(dockerfile-idp):
ENTRYPOINT ["dotnet", "run", "--launch-profile", "MacTest"]
作曲家:
identityserver:
image: idp
build:
context: .
dockerfile: ./docker/dockerfile-idp
ports:
- "9000:9000"
- "44000:44000"
volumes:
- .:/idp
2) APIsource 在容器上运行的身份服务器上进行身份验证:launchsettings:
"MacTest": {
"commandName": "Project",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "MacLocalTest",
"ASPNETCORE_HTTPS_PORT": 44100
},
"applicationUrl": "https://0.0.0.0:44100"
}
dockerfile (dockerfile-api):
ENTRYPOINT ["dotnet", "run", "--launch-profile", "MacTest"]
作曲家:
api:
image: api
build:
context: .
dockerfile: ./docker/dockerfile-api
ports:
- "9100:9100"
- "44100:44100"
volumes:
- .:/api
3) 在其他容器上运行的 Angular 应用程序
问题:Angular 登录页面可以连接到身份服务器,并且可以获得有效的令牌……好的
它可以Api和检索公共数据......好的
但是它不能使用授权调用受保护的方法。我开始相信 api 尝试从身份服务器验证自己,但由于某种原因它无法访问服务器。
[HttpGet("info")]
[AppAuthorize] => THIS NOT WORK
public IActionResult Info()
{
...
}
错误:
System.Net.Sockets.SocketException (99): Cannot assign requested address
at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
HttpRequestException: Cannot assign requested address
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask<ValueTuple<HttpConnection, HttpResponseMessage>> creationTask)
System.Threading.Tasks.ValueTask<TResult>.get_Result()
System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, bool doRequestAuth, CancellationToken cancellationToken)
System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task<HttpResponseMessage> sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)
Show raw exception details
System.Net.Http.HttpRequestException: Cannot assign requested address ---> System.Net.Sockets.SocketException: Cannot assign requested address
at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
--- End of inner exception stack trace ---
at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask`1 creationTask)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
IOException: IDX20804: Unable to retrieve document from: 'https://localhost:44000/.well-known/openid-configuration'.
Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)
Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(string address, IDocumentRetriever retriever, CancellationToken cancel)
Microsoft.IdentityModel.Protocols.ConfigurationManager<T>.GetConfigurationAsync(CancellationToken cancel)
Show raw exception details
System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://localhost:44000/.well-known/openid-configuration'. ---> System.Net.Http.HttpRequestException: Cannot assign requested address ---> System.Net.Sockets.SocketException: Cannot assign requested address
at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
--- End of inner exception stack trace ---
at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask`1 creationTask)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://localhost:44000/.well-known/openid-configuration'.
Microsoft.IdentityModel.Protocols.ConfigurationManager<T>.GetConfigurationAsync(CancellationToken cancel)
Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
Microsoft.AspNetCore.Authentication.AuthenticationHandler<TOptions>.AuthenticateAsync()
Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, string scheme)
IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationHandler.HandleAuthenticateAsync() in C:\local\identity\server4\AccessTokenValidation\src\IdentityServerAuthenticationHandler.cs
Microsoft.AspNetCore.Authentication.AuthenticationHandler<TOptions>.AuthenticateAsync()
Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, string scheme)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware.InvokeCore(HttpContext context)
Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
我正在尝试设置一个新的湿工作设置,但非常具有挑战性,我什至不知道网络是否有问题。有人可以帮忙吗?
谢谢你
解决方案
所以你已经展示了很多 IdentityServer 的设置,但是你还没有展示你的 API 的很多设置。
我最好的选择是以下两种之一:
1)您尚未安装中间件并在您的 API 上正确设置它。因此 API 无法对不记名令牌做任何事情。
来自文档:保护 API
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
// base-address of your identityserver
options.Authority = "https://demo.identityserver.io";
// name of the API resource
options.Audience = "api1";
});
您需要添加权限(即 IdentityServer),然后您需要告诉 IdentityServer 它将保护 API。所有这些都可以在文档中找到。
2)两个 docker 容器之间的网络不允许它们相互通信。
尝试使用 SSH 连接到 API 的 docker 容器(谷歌如何做到这一点)。尝试使用 cURL 调用身份服务器,看看是否可以从 API 的 Docker 容器内部访问 IP。如果你不能这样做,你需要在两个 docker 容器之间设置一个共享的内部网络。
推荐阅读
- php - 如何从 Auth::attempt false return 获取更多信息?
- sql - 子查询与连接性能
- python - "from rest_framework.parsers import JSONParser" 给出错误:ImportError: cannot import name 'SkipError'
- google-app-engine - /bin/sh: 1: exec: gunicorn: 未找到
- angular - 重新路由到 nginx 中的登录页面
- google-cloud-platform - 无法将 GPU 添加到 GCP AI 平台笔记本实例
- vue.js - 如何从一个 vue 应用程序向多个 vue 应用程序发出信号
- python - 在 SHAP 力图中,有没有办法将 x 轴的值更改为自定义名称?
- apache-spark - 根据时间戳差异删除行 - 火花
- huawei-mobile-services - Android异常ApiException:-1:核心错误