oauth - code_challenge 缺少 IdentityServer4 (v4.1.2) Mvc 客户端

问题描述

我想Hybrid flow在我的应用程序中使用。我什RequirePkce至false在客户端配置中设置了。我仍然收到错误code_challenge is missing

客户端配置

new Client
{
    ClientId = "mvc",
    ClientName = "MVC Client",
    ClientSecrets = new List<Secret>
    {
        new Secret("secret".Sha256())
    },
    ClientUri = $"{clientsUrl["Mvc"]}", 
    AllowedGrantTypes = GrantTypes.Hybrid,               
    AllowAccessTokensViaBrowser = false,
    RequirePkce = false,
    RequireConsent = false,
    AllowOfflineAccess = true,
    AlwaysIncludeUserClaimsInIdToken = true,
    RedirectUris = new List<string>
    {
        $"{clientsUrl["Mvc"]}/signin-oidc"
    },
    PostLogoutRedirectUris = new List<string>
    {
        $"{clientsUrl["Mvc"]}/signout-callback-oidc"
    },
    AllowedScopes = new List<string>
    {
        IdentityServerConstants.StandardScopes.OpenId,
        IdentityServerConstants.StandardScopes.Profile,
        "things",
        "rules"
    },
    AccessTokenLifetime = 60*60*2, // 2 hours
    IdentityTokenLifetime= 60*60*2 // 2 hours
}

MVC 客户端

services.AddAuthentication(options =>
{
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddCookie(setup => setup.ExpireTimeSpan = TimeSpan.FromMinutes(sessionCookieLifetime))
.AddOpenIdConnect(options =>
{
    options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.Authority = identityUrl.ToString();
    options.SignedOutRedirectUri = callBackUrl.ToString();
    options.ClientId = "mvc";
    options.ClientSecret = "secret";
    options.UsePkce = false;
    options.ResponseType = "code id_token";
    options.SaveTokens = true;
    options.GetClaimsFromUserInfoEndpoint = true;
    options.RequireHttpsMetadata = false;
    options.Scope.Add("openid");
    options.Scope.Add("profile");
});

标签： oauthjwtasp.net-identityidentityserver4openid-connect