
C# .NET: Server is not able to validate Angular Client [IdentityServer]

So I have the following setup:

Frontend: AngularJS App

Backend: WebApi with Identity Server to validate clients

In my Backend I create a new in-memory client like so:

new Client
{
    Enabled = true,
    ClientId = "myapp.mycompany",
    ClientUri = "https://myapp.mycompany.com",
    ClientName = "My Client",
    Flow = Flows.Implicit,
    AllowAccessToAllScopes = true,
    IdentityTokenLifetime = 300,
    AccessTokenLifetime = 3600,
    RequireConsent = false,
    RedirectUris = new List<string>
    {
        "https://myapp.mycompany.com/assets/idSrv/callback.html",
        "https://myapp.mycompany.com/assets/idSrv/silentrefreshframe.html"
    },
    PostLogoutRedirectUris = new List<string>
    {
        "https://myapp.mycompany.com/index.html"
    }
},

In my front-end I have the following code that declares the client; I use the oidc-token-manager.js client:

var authority = 'https://sts.mycompany.com/identity';

return {
    baseUri: protocol,
    tokenConfig: {
        'client_id': 'myapp.mycompany',
        'authority': authority,
        'redirect_uri': 'https://myapp.mycompany.com/assets/idSrv/callback.html',
        'post_logout_redirect_uri': 'https://myapp.mycompany.com/index.html',
        'response_type': 'id_token token',
        'scope': 'openid profile roleScope webApiScope',
        'silent_redirect_uri': 'https://myapp.mycompany.com/assets/idSrv/silentrefreshframe.html',
        'silent_renew': true
    },
    isDebugging: isDebugging
};

When I try to access my website at:

http://myapp.mycompany.com

I get the following error:

The client application is not known or is not authorized.

I have enabled logging, this is what I get:

"Unknown client or not enabled: myapp.mycompany"
 "{
  \"RedirectUri\": \"https://myapp.mycompany.com/assets/idSrv/callback.html\",
  \"SubjectId\": \"unknown\",
  \"Flow\": \"AuthorizationCode\",
  \"RequestedScopes\": \"\",
  \"Raw\": {
    \"state\": \"18141519257414835\",
    \"nonce\": \"8585758378803323\",
    \"client_id\": \"myapp.mycompany\",
    \"redirect_uri\": \"https://myapp.mycompany.com/assets/idSrv/callback.html\",
    \"response_type\": \"id_token token\",
    \"scope\": \"openid profile roleScope webApiScope\"
  }
}"

End authorize request
3001: "Endpoint failure" / "Endpoints" (Failure), Context: EventContext { ..., Details: EndpointDetail { EndpointName: "authorize" }
Eric Bergman asked Oct 25 '18 15:10

1 Answer

Maybe you have to allow your client root in the CORS origins, and I see that the flow is not the same.
I see Implicit flow in your client config, but the server is displaying Authorization Code flow!

  "myApp": {
    "ClientId": "spa-myApp",
    "ClientName": "myAppSPA",
    "ClientUri": "http://localhost:4200",
    "RequireConsent": false,
    "AllowedGrantTypes": [ "implicit" ],
    "AllowAccessTokensViaBrowser": true,
    "RedirectUris": [
      "http://localhost:4200/assets/html/popup-login-redirect.html",
      "http://localhost:4200/assets/html/silent-refresh-redirect.html"
    ],
    "PostLogoutRedirectUris": [ "http://localhost:4200?postLogout=true" ],
    "FrontChannelLogoutUri": "http://localhost:4200?frontchannellogout=true",
    "FrontChannelLogoutSessionRequired": true,
    "AllowedCorsOrigins": [ "http://localhost:4200" ], // here you have to add your client root
    "AllowedScopes": [ "openid", "profile", "qsdqsdqs", "qdqsd" ],
    "IdentityTokenLifetime": 18000,
    "AccessTokenLifetime": 18000
  },
Fateh Mohamed answered Oct 31 '22 22:10
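An added example, not part of the question or the answer and not IdentityServer's own validation code: a simplified model of the checks the answer points at (known client, flow matching the requested response_type, registered redirect URIs, CORS origin), run against the question's client settings. The function names flowFor and checkClient are hypothetical, and the registration object is constructed from the question's values in the answer's JSON shape, including an assumed AllowedCorsOrigins entry.

```javascript
// Added example: a simplified model, not IdentityServer's implementation.
const FLOWS = {                       // response_type -> grant type it requires
  'code': 'authorization_code',
  'token': 'implicit',
  'id_token': 'implicit',
  'id_token token': 'implicit',
  'code id_token': 'hybrid',
  'code token': 'hybrid',
  'code id_token token': 'hybrid'
};
// The order of the space-separated response_type values is not significant.
function flowFor(responseType) {
  const parts = responseType.trim().split(/\s+/);
  const key = ['code', 'id_token', 'token'].filter(p => parts.includes(p)).join(' ');
  return key.split(' ').length === parts.length ? FLOWS[key] : undefined;
}

function checkClient(clients, cfg, pageUrl) {
  const client = clients.find(c => c.ClientId === cfg.client_id);
  if (!client) return ['unknown client_id: ' + cfg.client_id];
  const problems = [];
  const flow = flowFor(cfg.response_type);
  if (!flow) problems.push('unsupported response_type: ' + cfg.response_type);
  else if (!client.AllowedGrantTypes.includes(flow))
    problems.push(`response_type needs "${flow}", client allows: ${client.AllowedGrantTypes}`);
  for (const name of ['redirect_uri', 'silent_redirect_uri']) {
    if (cfg[name] && !client.RedirectUris.includes(cfg[name]))
      problems.push(`${name} is not registered: ${cfg[name]}`);
  }
  const origin = new URL(pageUrl).origin;   // scheme + host + port of the SPA
  if (!(client.AllowedCorsOrigins || []).includes(origin))
    problems.push('origin missing from AllowedCorsOrigins: ' + origin);
  return problems;
}

// Constructed input: the question's values in the answer's JSON shape.
const base = 'https://myapp.mycompany.com';
const clients = [{
  ClientId: 'myapp.mycompany', AllowedGrantTypes: ['implicit'],
  RedirectUris: [base + '/assets/idSrv/callback.html', base + '/assets/idSrv/silentrefreshframe.html'],
  AllowedCorsOrigins: [base]
}];
const tokenConfig = {
  client_id: 'myapp.mycompany', response_type: 'id_token token',
  redirect_uri: base + '/assets/idSrv/callback.html',
  silent_redirect_uri: base + '/assets/idSrv/silentrefreshframe.html'
};
console.log(checkClient(clients, tokenConfig, 'http://myapp.mycompany.com'));
```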