Search code examples
javascriptc#oauth-2.0identityserver4

Calling Identity Server Token EndPoint

I want to call the Token Endpoint of IdentityServer 4 from my React App (running on http://localhost:3000). So in some login method I am doing:

login = () => {
    const userdata = {
      username: 'admin',
      password: 'admin',
    };
    const dataForBody = `${'client_id=js&'}${'grant_type=password&' +
        'username='}${encodeURI(userdata.username)}&` +
        `password=${encodeURI(userdata.password)}&` +
        `scope=${encodeURI('api1')}`;

    const messageHeaders = {
      'Content-Type': 'application/x-www-form-urlencoded',
    };

    axios({
      method: 'post',
      url: 'http://localhost:5000/connect/token',
      headers: messageHeaders,
      data: dataForBody,
    })
      .then((response) => {
        console.log(response);
      });
  }

Now I am getting the following response:

{"error":"unauthorized_client"}

My IdSrv set up is something like the js application sample.

config.cs

namespace QuickstartIdentityServer
{
    public class Config
    {
        // scopes define the API resources in your system
        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
            {
                new ApiResource("api1", "My API")
            };
        }

        // client want to access resources (aka scopes)
        public static IEnumerable<Client> GetClients()
        {
            return new List<Client>
            {
                 new Client
                {
                    ClientId = "js",
                    ClientName = "JavaScript Client",
                    AllowedGrantTypes = GrantTypes.Implicit,
                    AllowAccessTokensViaBrowser = true,

                    RedirectUris =           { "http://localhost:3000/login" },
                    AllowedCorsOrigins =     { "http://localhost:3000" },

                    AllowedScopes =
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "api1"
                    }
                }
            };
        }

        public static List<TestUser> GetUsers()
        {

            return new List<TestUser> {
                new TestUser {
                    SubjectId = "1", Username = "admin", Password = "admin"
                },
             };

        }

    }
}

startup.cs

namespace QuickstartIdentityServer
{
    public class Startup
    {
        public void ConfigureServices(IServiceCollection services)
        {
            // configure identity server with in-memory stores, keys, clients and scopes
            services.AddIdentityServer()
                .AddTemporarySigningCredential()
                .AddInMemoryApiResources(Config.GetApiResources())
                .AddInMemoryClients(Config.GetClients())
                .AddTestUsers(Config.GetUsers());
        }

        public void Configure(IApplicationBuilder app, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddConsole(LogLevel.Debug);
            app.UseDeveloperExceptionPage();

            app.UseIdentityServer();
        }
    }
}

Am I missing something?

Solution

  • The problem is in the client definition:

    AllowedGrantTypes = GrantTypes.Implicit,

    is not correct. We have to use instead:

    AllowedGrantTypes = ResourceOwnerPassword