Simsons
Reputation: 12745
IdentityServer4 Error, offline_access is not allowed for this client
I have created in Memory configuration with a helper class,
public class InMemoryConfiguration
{
public static IEnumerable<ApiResource> ApiResources()
{
return new[] {
new ApiResource("socialnetwork", "Social Network")
};
}
public static IEnumerable<Client> Clients()
{
return new[] {
new Client
{
ClientId = "socialnetwork",
ClientName = "SocialNetwork",
ClientSecrets = new [] { new Secret("secret".Sha256()) },
//Flow = Flows.ResourceOwner,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes = new [] { "socialnetwork", StandardScopes.OfflineAccess, StandardScopes.OpenId, StandardScopes.OfflineAccess },
Enabled = true
}
};
}
public static IEnumerable<TestUser> Users()
{
return new[] {
new TestUser
{
SubjectId = "1",
Username = "[email protected]",
Password = "password",
}
};
}
}
From my ASP.Net application (separate project) , I am sending the authentication request ,
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
try
{
if (!ModelState.IsValid)
{
return View(model);
}
var client = new OAuth2Client(new Uri("http://localhost:61502/connect/token"), "socialnetwork", "secret");
var requestResponse = client.RequestAccessTokenUserName(model.Email, model.Password, "openid profile offline_access");
var claims = new[]
{
new Claim("access_token", requestResponse.AccessToken),
new Claim("refresh_token", requestResponse.RefreshToken)
};
var claimsIdentity = new ClaimsIdentity(claims,
DefaultAuthenticationTypes.ApplicationCookie);
HttpContext.GetOwinContext().Authentication.SignIn(claimsIdentity);
return RedirectToLocal(returnUrl);
}
catch (Exception ex)
{
//Do my Error Handling
}
}
Now I am seeing error on my server console,
offline_access is not allowed for this client: socialnetwork
I have provided all the access to the client on allowe
d scope,
AllowedScopes = new [] { "socialnetwork", StandardScopes.OfflineAccess, StandardScopes.OpenId, StandardScopes.OfflineAccess }
Why am I getting this error? Is this related to flow or something else.
Upvotes: 4
Views: 4572
Answers (1)
Vidmantas Blazevicius
Reputation: 4802
Set AllowOfflineAccess property to true in the client config as opposed to adding it to AllowedScopes:
new Client
{
ClientId = "socialnetwork",
ClientName = "SocialNetwork",
ClientSecrets = new [] { new Secret("secret".Sha256()) },
//Flow = Flows.ResourceOwner,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes = new [] { "socialnetwork",StandardScopes.OpenId },
Enabled = true,
AllowOfflineAccess = true
}
Upvotes: 11
Related Questions
- Remove offline_access scope in identity server 4 we;;-known configuration
- Identity Server 4 - unauthorized client
- IdentityServer4 - Error: Unknown client or not enabled: oauthClient
- IdentityServer4 sample code gives unauthorized_client error
- The 'offline_access' scope is not allowed when using OpenIdDict
- Identity Server 4 - Getting invalid_client error
- IdentityServer Offline Login Practices
- IdentityServer "invalid_client" error always returned
- Why does OAuth fail when using ASP.NET Identity Core?
- Identity Server4 Unauthorized error