Reputation: 5912
I'm trying to create an API for an SPA. I'm using the latest .NET Core, MVC and EF. I'd like to authenticate users using JWT, so I decided to use OpenIddict Core. I've tried setting it up according to the examples at the GitHub page and this blog post. The problem is that I get "The specified grant type is not supported." when requesting a token.
Here's a screenshot of the Postman request:
Here's my ConfigureServices method:

    public void ConfigureServices(IServiceCollection services)
    {
        // Add framework services.
        services.AddApplicationInsightsTelemetry(Configuration);
        services.AddMvc();
        services.AddDbContext<ApplicationDbContext>(
            options => options.UseSqlServer(Configuration["Data:DefaultConnection:ConnectionString"])
        );
        services.AddIdentity<ApplicationUser, ApplicationRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();
        services.AddOpenIddict<ApplicationDbContext>()
            .UseJsonWebTokens()
            .EnableTokenEndpoint("/connect/token")
            .AllowPasswordFlow()
            .DisableHttpsRequirement() // TODO: remove in production
            .AddEphemeralSigningKey(); // TODO: replace with a certificate, this should be used for development only
    }

And the Configure method:

    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
    {
        loggerFactory.AddConsole(Configuration.GetSection("Logging"));
        loggerFactory.AddDebug();
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        app.UseApplicationInsightsRequestTelemetry();
        app.UseApplicationInsightsExceptionTelemetry();
        // don't use identity as this is a wrapper for using cookies, not needed
        // app.UseIdentity();
        app.UseJwtBearerAuthentication(new JwtBearerOptions
        {
            AutomaticAuthenticate = true,
            AutomaticChallenge = true,
            RequireHttpsMetadata = false, // TODO: remove, dev only
            Audience = "http://localhost:42443/", // TODO: ???
            Authority = "http://localhost:42443/" // TODO: ???
        });
        app.UseOpenIddict();
        app.UseMvcWithDefaultRoute();
    }

I'm using the AuthorizationController from the samples to handle the token requests. By observing the contents of the request argument of the Exchange method, which handles the /connect/token requests, I've discovered that it receives all the fields as nulls:
I have no idea why. The postman request should be correct according to this and this blog post. Where is the problem?
Upvotes: 4
Views: 418
Reputation: 42070
As mentioned in the samples, you must register the OpenIddict MVC model binder to be able to use OpenIdConnectRequest as an action parameter.
Reference the OpenIddict.Mvc package and call AddMvcBinders and it should work:

    services.AddOpenIddict<ApplicationDbContext>()
        // Register the ASP.NET Core MVC binder used by OpenIddict.
        // Note: if you don't call this method, you won't be able to
        // bind OpenIdConnectRequest or OpenIdConnectResponse parameters.
        .AddMvcBinders()
        ...

Upvotes: 5