Swagger Authenication with Identity Server 4

597 views
Skip to first unread message

Hayden L

unread,
Oct 1, 2016, 4:01:48 PM10/1/16
to Swagger
I had a problem where I'm either getting a invalid client message when trying to implement an authorize button similar to the pet store example. I was implementing the authorize button and can have the api selections be selected but every time I hit authorize it returns me an invalid client request. I was wondering if the invalid client message has something to do with having to implement an mvc controller and view. I don't know how to name the controller and view in order for swagger to see it.
When I hit the authorize button fiddler shows me the get request which is
 /connect/authorize?response_type=token&redirect_uri=http%3A%2F%2Flocalhost%3A15138%2Fswagger%2Fui%2Fo2c.html&realm=your-realms&client_id=swagger&scope=apil&state=oauth2 HTTP/1.1
 
Inside of Identity server I already included the client correctly with the grant type being set to implicit and the client id being swagger
It looks like this :
                    ClientId="swagger",
                    Enabled = true,
                    ClientName="Swagger",
                    AllowedGrantTypes = GrantTypes.Implicit,
                    ClientSecrets = new List<Secret>
                    {
                        new Secret("secret".Sha256())
                    },
                    AllowedScopes = new List<string>
                    {
                        "apil"
                    },
                    RedirectUris = new List<string>
                    {
                        "http://localhost:15138/swagger/ui/test.html"
                    },
                    AllowedCorsOrigins = new List<string>
                    {
                        "http://localhost:15138",
                        "http://localhost:15138"
                    }

Is there any example code that you guys know that uses implicit grant type with identity server 4 and swagger?
I've already looked at http://danielwertheim.se/use-identityserver-in-swaggerui-to-consume-a-secured-asp-net-webapi/ and tried implementing it but I get an invalid request error instead.

I'm using the useIdentityServerAuthentication parameter. My visual studio framework is the .net webCore which doesn't seem to work with owin pavakages.

Thank you in advance and if there is any additional information that needs to be provided I will be glad to add to it

tony tam

unread,
Oct 2, 2016, 3:53:01 PM10/2/16
to swagger-sw...@googlegroups.com
Hi, the petstore here:


utilizes the implicit grant flow.  You can verify the swagger definition from http://petstore.swagger.io/v2/swagger.json



--
You received this message because you are subscribed to the Google Groups "Swagger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggers...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Hayden L

unread,
Oct 2, 2016, 5:21:13 PM10/2/16
to Swagger
Thanks tony,
  I appreciate the link and I think I'm making progress. I had another question I was hoping you could help me with. Using fiddler I was able to check that my get request was the same as the get request as the example. The only issue is that my get request returns nothing, where as the other example get request returns html code. The code that is used to display the login screen. I have been unable to figure out where this file or data is stored. I think it might also be causing my unauthorized client error. Since there is no page to indicate login I'm worried that it throws the token away or something similar. I was hoping you could help point me where this html code is stored so i can write my own authentication screen. Thank you for the help so far
To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggersocket+unsub...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages