ASP.NET core blazor webassembly getting token for Identity Server 4 Postman testing
I am trying to test my api with postman in a blazor webassembly asp.net core hosted app with identity server 4 individual accounts. Unfortunately, despite having tried many different configuration options to get a new token, I have been unable to get one. Here is what I've tried
This one results in the postman browser emulator pop up and never finishes.
This one fails but I get the more informative error that info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2] Authorization failed. These requirements were not met: DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
However, when I then try and use the default testing username and password I get Error: unauthorized_client
I followed the set up step by step in this article using the API authorization options instead of the profile service option (and I'm developing locally, not using azure.) What do I need to do to get a token? I appreciate the help, thanks.
EDIT: attempted adding a new Client in ConfigureServices but the same behavior happens with the postman browser emulator pop up and never finishing.
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>(options => {
options.IdentityResources["openid"].UserClaims.Add("name");
options.ApiResources.Single().UserClaims.Add("name");
options.IdentityResources["openid"].UserClaims.Add("role");
options.ApiResources.Single().UserClaims.Add("role");
options.Clients.Add(new IdentityServer4.Models.Client()
{
ClientId = "postman",
AllowedGrantTypes = GrantTypes.Code,
AllowOfflineAccess = true,
ClientSecrets = { new Secret("secret".Sha256()) },
RedirectUris = { "http://localhost:21402/signin-oidc", "https://oauth.pstmn.io/v1/browser-callback" },
PostLogoutRedirectUris = { "http://localhost:21402/" },
FrontChannelLogoutUri = "http://localhost:21402/signout-oidc",
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
"Onero.ServerAPI"
},
});
});
After days of reading the docs and blogs to get an overall picture I finally was able to do it! What I did was the following:
Looked closely at the output from starting up my Server project, which is where I saw this:
That made me realize that I had been using the wrong endpoint for the Auth URL in Postman. So I changed it to https://localhost:5001/connect/authorize. I then used this configuration in Postman
Combined with adding the Postman client like so in the Server's Startup.cs file
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>(options => {
...
options.Clients.Add(new IdentityServer4.Models.Client()
{
ClientId = "Postman",
AllowedGrantTypes = GrantTypes.Code,
AllowOfflineAccess = true,
ClientSecrets = { new Secret("secret".Sha256()) },
RedirectUris = { "http://localhost:21402/signin-oidc", "https://oauth.pstmn.io/v1/browser-callback" },
PostLogoutRedirectUris = { "http://localhost:21402/" },
FrontChannelLogoutUri = "http://localhost:21402/signout-oidc",
AllowedScopes =
{
"Onero.ServerAPI"
},
});;
});
And that finally got that little Postman page to pop up, bring me to the default IdentityServer AuthUI page, login with my default user and there we go, finally get the darn token.
Biggest take away: make sure to read the server output to make sure your endpoints are correct so you can fill out the parameters in Postman correctly.
Thanks for the help!
- What is the difference between regular and Async methods (OnGet vs OnGetAsync)
- Changing property in Razor @ref component does not update its usage in HTML element
- Visual Studio Project doesn't load after changing folder name
- Web Push via Azure Notification Hubs: JSON value could not be converted to Microsoft.NotificationHubs.Contracts.LegacyModels.BrowserPushSubscription
- How to prevent the business logic present inside the Blazor SSR component's OnInitialized method from executing twice?
- How to fix Razor Pages CRUD Scaffolding Error
- How to run Microsoft.FluentUI.AspNetCore.Components library on NET9
- Always add existing route parameter in Url.Action
- Log REST-requests to file with unique request-id
- Using kendoui in ASP.NET Core - does not work correctly
- Bootstrap not affecting styles in Blazor app
- Carter modules are not registered in ASP.NET Core app
- In Identity Server 4, I have a User's identity but 0 Claims
- returning entity model property with extra string
- How do I resolve "Request reached the end of the middleware pipeline without being handled by application code."?
- Dependency Injection on AuthorizationOptions Requirement in DotNet Core
- Enable OPTIONS header for CORS on .NET Core Web API
- ASP.NET Core 8 OpenID Connect - SUB claim missing on User.Identity
- Pager in .Net Core 2.1
- What is different in my Ajax vs XMLHttpRequest Call that lets my Server understand Ajax but not XMLHttpRequest?
- Enable interactive render mode on Blazor templates accounts pages
- .Net Core SignalR Connection between services has an issue
- How to register multiple implementations of the same interface with different dependencies
- ASP.NET Core hosting environment variable ignored
- How to get return value from Task wait()
- User.Identity.IsAuthenticated always false in .net core custom authentication
- ASP.NET Core 8 + Keycloak: Role-based Authorization for Derived Controllers without Code Duplication
- I want to pre-fill an input of type IFormFile
- Net Core Simple way to Find Temperature from Openweather API
- Get email claim from identity after upgrading to .NET 8 not working