souzartn / identityserver4.samples.mongo Goto Github PK

hi. i did switch branch to dev and when I call .well-known/openid-configuration i can not pass var result = new Resources(GetAllIdentityResources(), GetAllApiResources(), GetAllApiScopes()); in

public Task GetAllResourcesAsync()
{
var result = new Resources(GetAllIdentityResources(), GetAllApiResources(), GetAllApiScopes());
return Task.FromResult(result);
}

and I got an Exception

Element '_id' does not match any field or property of class IdentityServer4.Models.ApiScope.

I think the problem comes from IEnumerable

When i'm logged in and i click "call api with user token" ->
I get unauthorized back.

IDX10501: Signature validation failed. Unable to match 'kid': '84509862e868dad806485e7e3c230244',

In the client i can see:

Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware:Information: Failed to validate the token eyJhbGciOiJSUzI1NiIsImtpZCI6Ijg0NTA5ODYyZTg2OGRhZDgwNjQ4NWU3ZTNjMjMwMjQ0IiwidHlwIjoiSldUIn0.eyJuYmYiOjE0OTQ1ODk1OTUsImV4cCI6MTQ5NDU5MzE5NSwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwIiwiYXVkIjpbImh0dHA6Ly9sb2NhbGhvc3Q6NTAwMC9yZXNvdXJjZXMiLCJhcGkxIl0sImNsaWVudF9pZCI6Im12YyIsInN1YiI6IjIiLCJhdXRoX3RpbWUiOjE0OTQ1ODk1OTIsImlkcCI6ImxvY2FsIiwic2NvcGUiOlsib3BlbmlkIiwicHJvZmlsZSIsImFwaTEiLCJvZmZsaW5lX2FjY2VzcyJdLCJhbXIiOlsicHdkIl19.UcBFhFGRpsLKGuR9Lr3IDpTo9IgpD72pprj-Fiw9cVXVzCH6SMri43G1RecUt8tfgqqXJRlDsB-qAodMFbUeLJdJyIvjF4bEMy-IpeYELywn1-3yX5XyzNw0YQF_5eX6NoPnl1nPjJ15dx1wrc4S5oHdRekg3hw97ElPVZc3GwTzwbtduPxZZz9SXcoTeXMXu8i-ht8yqQEmOcfX3Py2SCM7-1ULL_m7e51Jn8h-SfuinHPjoIz738evNg_14TILBiTxF93B3RpBuv1EocVaIcWV84_mGKCQxAPpHhZfVdVU_z3lywHOrBSEDpeFcWqDL0ksWF5CY2tCm4wyqbatng.

Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: IDX10501: Signature validation failed. Unable to match 'kid': '84509862e868dad806485e7e3c230244',
token: '{"alg":"RS256","typ":"JWT","kid":"84509862e868dad806485e7e3c230244"}.{"nbf":1494589595,"exp":1494593195,"iss":"http://localhost:5000","aud":["http://localhost:5000/resources","api1"],"client_id":"mvc","sub":"2","auth_time":1494589592,"idp":"local","scope":["openid","profile","api1","offline_access"],"amr":["pwd"]}'.
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.d__1.MoveNext()

When trying to check the external auth providers as they would not show in the MVC example website.

I've had to change some deprecated code as it was not working properly.

Created a PR for this: #15

Before the code changes:

After code changes:

Reference of posted issue #10

Does anyone implement schema validation on IdentityServer entities: Client, ApiResource, etc ?

Hi, I just wonder how do you know that it is safe to perform _database.GetCollection call from multiple threads on a static(btw it is got reinitialised each time new instance created, this seems to me incorrect) database object

    public IQueryable<T> All<T>() where T : class, new()
    {
        return _database.GetCollection<T>(typeof(T).Name).AsQueryable();
    }

The documentation doesn't say anything about it
http://api.mongodb.com/csharp/current/html/M_MongoDB_Driver_IMongoDatabase_GetCollection__1.htm
http://api.mongodb.com/csharp/current/html/T_MongoDB_Driver_IMongoDatabase.htm

• Upgrade sample solutions to .Net 2.0
• Update related nugets
• Review readme

Hi

Any plans to upgrade this samples to .net core 2?

Thanks

I was getting the following error :
" You are using the in-memory version of the persisted grant store. This will store consent decisions, authorization codes, refresh and reference tokens in memory only. If you are using any of those features in production, you want to switch to a different store implementation."

It seems that when running .AddPersistedGrants() in the configureServices, it does not register the new service due to the fact that TryAddSingleton is used - and IPersistedGrantStore is already implemented by the default implementation:
Lifetime = Singleton, ServiceType = {IdentityServer4.Stores.IPersistedGrantStore}, ImplementationType = {IdentityServer4.Stores.InMemoryPersistedGrantStore} - Value of it when inspecting it in the services collection.

I was able to resolve the issue by correcting the following:

-- File :IdentityServerBuilderExtensions .cs --method : AddPersistedGrants
Changing builder.Services.TryAddSingleton<IPersistedGrantStore, CustomPersistedGrantStore>();
to builder.Services.AddSingleton<IPersistedGrantStore, CustomPersistedGrantStore>();

Hi,
I am just trying to build new project with the reference of this project, did all things as it is, but i am getting the error at ** position in the IdentityServerBuilderExtensions.cs file.

Errors are :

1. Error CS7069: Reference to type 'IUserTwoFactorStore<>' claims it is defined in 'Microsoft.AspNetCore.Identity', but it could not be found

2. Error CS0266: Cannot implicitly convert type 'Microsoft.AspNetCore.Identity.MongoDB.UserStore' to 'Microsoft.AspNetCore.Identity.IUserStore'. An explicit conversion exists (are you missing a cast?)

3. Error CS1662: Cannot convert lambda expression to intended delegate type because some of the return types in the block are not implicitly convertible to the delegate return type

4. Error CS7069: Reference to type 'IRoleStore<>' claims it is defined in 'Microsoft.AspNetCore.Identity', but it could not be found

      builder.Services.AddSingleton<IUserStore<TIdentity>>(x =>
        {
            var usersCollection = database.GetCollection<TIdentity>("Identity_Users");
            IndexChecks.EnsureUniqueIndexOnNormalizedEmail(usersCollection);
            IndexChecks.EnsureUniqueIndexOnNormalizedUserName(usersCollection);
            **return new UserStore<TIdentity>(usersCollection);**
        });
   
        builder.Services.AddSingleton<IRoleStore<TRole>>(x =>
        {
            var rolesCollection = database.GetCollection<TRole>("Identity_Roles");
            IndexChecks.EnsureUniqueIndexOnNormalizedRoleName(rolesCollection);
            **return new RoleStore<TRole>(rolesCollection);**
        });
   

• This will also resolve Microsoft.AspNetCore.All security issue

i want to use this to insert a new client to Collection ‘Client’,

but ,got this:

the prop "Claims" can not set ;
thanks!

Hello, I have a question, is possible store in a database some access-token so 2 or more identityserver can consult this.