Неверный HTTP-запрос для конечной точки токена

Неверный HTTP-запрос для конечной точки токена ⇐ C#

1 сообщение • Страница 1 из 1

Anonymous

Неверный HTTP-запрос для конечной точки токена

Цитата

Сообщение Anonymous » 01 авг 2024, 07:10

Ошибка изображения в веб-mvc
Моя ошибка при использовании nginx http post rever poroxy to http, как исправить
Войти на сервер
Моя конфигурация nginx
сервер {
имя_сервера *.com;

Код: Выделить всё

error_page 497 https://$host$request_uri;
client_body_buffer_size 32k;
client_header_buffer_size 8k;
large_client_header_buffers 8 64k;

location / {
proxy_pass http://localhost:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;

proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
}

access_log /var/log/nginx/*.com_access.log;
error_log /var/log/nginx/*.com_error.log;

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/abc.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/abc.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

сервер {
имя_сервера *.com;

Код: Выделить всё

listen 80;
return 301 https://$host$request_uri; # managed by Certbot

примечание: *.com не мой домен, который я заменил
Исправить, помогите мне, пожалуйста

(( я пытаюсь
public static IServiceCollection AddAuthenticationConfig(this IServiceCollection Services,
IdentityOptionidentityOption)
{
//JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
services.Configure(options) =>
{
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
});
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = IdentityOption.OidcAuthenticationScheme;

Код: Выделить всё

                options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultForbidScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme,
options => { options.Cookie.Name = identityOption.IdentityAdminCookieName; })
.AddOpenIdConnect(IdentityOption.OidcAuthenticationScheme, options =>
{
options.Authority = identityOption.IdentityServerBaseUrl;
options.RequireHttpsMetadata = identityOption.RequireHttpsMetadata;
options.ClientId = identityOption.ClientId;
options.ClientSecret = identityOption.ClientSecret;
options.ResponseType = identityOption.OidcResponseType;
options.Scope.Clear();
foreach (var scope in identityOption.Scopes) options.Scope.Add(scope);
options.ClaimActions.MapJsonKey(identityOption.TokenValidationClaimRole,
identityOption.TokenValidationClaimRole, identityOption.TokenValidationClaimRole);
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = identityOption.TokenValidationClaimName,
RoleClaimType = identityOption.TokenValidationClaimRole
};
options.Events = new OpenIdConnectEvents
{
OnMessageReceived = context => OnMessageReceived(context, identityOption),
OnRedirectToIdentityProvider = context =>  OnRedirectToIdentityProvider(context, identityOption)
};
options.BackchannelHttpHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback =
HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
};
});
services.AddHsts(options =>
{
options.Preload = true;
options.IncludeSubDomains = true;
options.MaxAge = TimeSpan.FromDays(365);
});

return services
;
}

private static Task OnMessageReceived(MessageReceivedContext context, IdentityOption identityOption)
{
context.Properties.IsPersistent = true;
context.Properties.ExpiresUtc =
new DateTimeOffset(DateTime.Now.AddHours(identityOption.IdentityAdminCookieExpiresUtcHours));

return Task.CompletedTask;
}

private static Task OnRedirectToIdentityProvider(RedirectContext context, IdentityOption identityOption)
{
if (!string.IsNullOrEmpty(identityOption.IdentityAdminRedirectUri))
context.ProtocolMessage.RedirectUri = identityOption.IdentityAdminRedirectUri;

return Task.CompletedTask;
}

appsetting.json
"IdentityConfiguration": {
"IdentityAdminRedirectUri": "https://localhost:7101/signin-oidc ",
"IdentityServerBaseUrl": "https://*.com",
"IdentityAdminCookieName": "IdentityServerAdmin",
"IdentityAdminCookieExpiresUtcHours": 12,
"RequireHttpsMetadata": false,
"TokenValidationClaimName": "name",
"TokenValidationClaimRole": "role",
"ClientId": "abc",
"ClientSecret": "abc",
"OidcResponseType": "код",
"Области": [
"openid",
"профиль",
"электронная почта",
" роли"
]
},

Подробнее здесь: https://stackoverflow.com/questions/788 ... n-endpoint

1722485435

Anonymous

Ошибка изображения в веб-mvc
Моя ошибка при использовании nginx http post rever poroxy to http, как исправить
Войти на сервер
Моя конфигурация nginx
сервер {
имя_сервера *.com;
[code]error_page 497 https://$host$request_uri;
client_body_buffer_size 32k;
client_header_buffer_size 8k;
large_client_header_buffers 8 64k;

location / {
proxy_pass http://localhost:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;

proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
}

access_log /var/log/nginx/*.com_access.log;
error_log /var/log/nginx/*.com_error.log;

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/abc.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/abc.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
[/code]

сервер {
имя_сервера *.com;
[code]listen 80;
return 301 https://$host$request_uri; # managed by Certbot
[/code]

примечание: *.com не мой домен, который я заменил
Исправить, помогите мне, пожалуйста :( (( я пытаюсь
public static IServiceCollection AddAuthenticationConfig(this IServiceCollection Services,
IdentityOptionidentityOption)
{
//JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
services.Configure(options) =>
{
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
});
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = IdentityOption.OidcAuthenticationScheme;
[code]                options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultForbidScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme,
options => { options.Cookie.Name = identityOption.IdentityAdminCookieName; })
.AddOpenIdConnect(IdentityOption.OidcAuthenticationScheme, options =>
{
options.Authority = identityOption.IdentityServerBaseUrl;
options.RequireHttpsMetadata = identityOption.RequireHttpsMetadata;
options.ClientId = identityOption.ClientId;
options.ClientSecret = identityOption.ClientSecret;
options.ResponseType = identityOption.OidcResponseType;
options.Scope.Clear();
foreach (var scope in identityOption.Scopes) options.Scope.Add(scope);
options.ClaimActions.MapJsonKey(identityOption.TokenValidationClaimRole,
identityOption.TokenValidationClaimRole, identityOption.TokenValidationClaimRole);
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = identityOption.TokenValidationClaimName,
RoleClaimType = identityOption.TokenValidationClaimRole
};
options.Events = new OpenIdConnectEvents
{
OnMessageReceived = context => OnMessageReceived(context, identityOption),
OnRedirectToIdentityProvider = context =>  OnRedirectToIdentityProvider(context, identityOption)
};
options.BackchannelHttpHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback =
HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
};
});
services.AddHsts(options =>
{
options.Preload = true;
options.IncludeSubDomains = true;
options.MaxAge = TimeSpan.FromDays(365);
});

return services
;
}

private static Task OnMessageReceived(MessageReceivedContext context, IdentityOption identityOption)
{
context.Properties.IsPersistent = true;
context.Properties.ExpiresUtc =
new DateTimeOffset(DateTime.Now.AddHours(identityOption.IdentityAdminCookieExpiresUtcHours));

return Task.CompletedTask;
}

private static Task OnRedirectToIdentityProvider(RedirectContext context, IdentityOption identityOption)
{
if (!string.IsNullOrEmpty(identityOption.IdentityAdminRedirectUri))
context.ProtocolMessage.RedirectUri = identityOption.IdentityAdminRedirectUri;

return Task.CompletedTask;
}
[/code]
appsetting.json
"IdentityConfiguration": {
"IdentityAdminRedirectUri": "https://localhost:7101/signin-oidc ",
"IdentityServerBaseUrl": "https://*.com",
"IdentityAdminCookieName": "IdentityServerAdmin",
"IdentityAdminCookieExpiresUtcHours": 12,
"RequireHttpsMetadata": false,
"TokenValidationClaimName": "name",
"TokenValidationClaimRole": "role",
"ClientId": "abc",
"ClientSecret": "abc",
"OidcResponseType": "код",
"Области": [
"openid",
"профиль",
"электронная почта",
" роли"
]
}, 

Подробнее здесь: [url]https://stackoverflow.com/questions/78819100/invalid-http-request-for-token-endpoint[/url]