Sample consultation

Open qq1176914912 opened this issue 9 months ago • 4 comments

Hello, I noticed this article of yours: https://simpleidserver.com/docs/idserver/quickstart/createidserverwithui. I am now implementing a project based on it that follows the simplest authorization code process. So I made some modifications on this basis and created a client. Now, when accessing the client, it redirects to the login page. After a successful login, the client reports an error saying "Can't find sub". So I used the obtained token to access the /userinfo endpoint. I found that the response code was 200, but the body was empty, meaning there was no user information. I think this might be the reason for the error.

This is my project: Could you please help me check where the problem lies? I think this sample is also very necessary: client: clients.zip ids:

For the ids project, I only made the following changes based on your tutorial:

```csharp
var users = new List<User>
{
    UserBuilder.Create("administrator", "password", "Administrator")
        .SetEmail("[email protected]")
        .SetFirstname("Administrator")
        .AddClaim("sub", "administrator")
        .AddClaim("name", "Administrator")
        .AddClaim("email", "[email protected]")
        .Build()
};
var scope1 = ScopeBuilder.CreateApiScope("api1", false).Build();
var scope2 = ScopeBuilder.CreateApiScope("profile", false).Build();
var scope3 = ScopeBuilder.CreateApiScope("openid", false).Build();
var clients = new List<Client>
{
    ClientBuilder.BuildTraditionalWebsiteClient("client", "secret",null,new string[]{ "https://localhost:7223/signin-oidc"}).AddScope(new SimpleIdServer.IdServer.Domains.Scope[]{ scope1,scope2,scope3}).Build()
};
var scopes = new List<SimpleIdServer.IdServer.Domains.Scope>
{
    scope1,scope2,scope3
};


var builder = WebApplication.CreateBuilder(args);
builder.AddSidIdentityServer()
    .AddDeveloperSigningCredential()
    .AddInMemoryUsers(users)
    .AddInMemoryLanguages(DefaultLanguages.All)
    .AddPwdAuthentication(true)
    .AddInMemoryClients(clients)
    .AddInMemoryScopes(scopes);

var app = builder.Build();
app.Services.SeedData();
app.UseSid();
app.Run();
```

qq1176914912, May 09 '25 07:05

Hello,

There are some mistakes in your Program.cs file:

The profile and openid scopes are not ApiScope (OAuth 2.0 scopes), but IdentityScope (OpenID scopes). They are used to return claims from the user information endpoint. By default, it is not necessary to explicitly define these OpenID scopes, as they are automatically injected by the application at runtime via the migration script.

I’ve made some changes in the release/v6.0.2 branch. Now, when the AddInMemoryScopes function is called, the specified scopes are added, and the existing scopes are no longer overwritten.

To get a working version, you can fetch the release/v6.0.2 branch and update the src\IdServer\SimpleIdServer.IdServer.Ui.Startup\Program.cs file with the following content, then try again.

```csharp
// Copyright (c) SimpleIdServer. All rights reserved.
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;
using SimpleIdServer.IdServer.Builders;
using SimpleIdServer.IdServer.Config;
using SimpleIdServer.IdServer.Domains;
using System.Collections.Generic;

var users = new List<User>
{
    UserBuilder.Create("administrator", "password", "Administrator")
        .SetEmail("[email protected]")
        .SetFirstname("Administrator")
        .AddClaim("sub", "administrator")
        .AddClaim("name", "Administrator")
        .AddClaim("email", "[email protected]")
        .Build()
};

var scope1 = ScopeBuilder.CreateApiScope("api1", false).Build();
var clients = new List<Client>
{
    ClientBuilder.BuildTraditionalWebsiteClient("client", "secret",null,new string[]{ "https://localhost:7223/signin-oidc"}).AddScope(new Scope[]{ scope1, DefaultScopes.OpenIdScope, DefaultScopes.Profile }).Build()
};
var builder = WebApplication.CreateBuilder(args);
builder.AddSidIdentityServer()
    .AddDeveloperSigningCredential()
    .AddInMemoryUsers(users)
    .AddInMemoryClients(clients)
    .AddInMemoryScopes(new List<SimpleIdServer.IdServer.Domains.Scope> { scope1 })
    .AddInMemoryLanguages(DefaultLanguages.All)
    .AddPwdAuthentication(true);

var app = builder.Build();
app.Services.SeedData();
app.UseSid();
app.Run();
```

KR, SID

simpleidserver, May 09 '25 13:05
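
Added example, not part of the thread and not SimpleIdServer code: a client-side check for the symptom discussed above (HTTP 200 from /userinfo with no claims). It assumes the UserInfo response is plain JSON rather than a signed JWT; the `UserInfoCheck` class and all sample bodies are constructed for illustration. OpenID Connect Core 5.3.2 requires `sub` to be present in the UserInfo response and to match the ID token's `sub` exactly.

```csharp
#nullable enable
using System;
using System.Text.Json;

public static class UserInfoCheck
{
    // Returns null when the response is acceptable, otherwise the reason it is rejected.
    public static string? Validate(string? body, string idTokenSub)
    {
        // A 200 status alone proves nothing: the thread's failure was a 200 with an empty body.
        if (string.IsNullOrWhiteSpace(body))
            return "empty body";
        try
        {
            using var doc = JsonDocument.Parse(body);
            var root = doc.RootElement;
            if (root.ValueKind != JsonValueKind.Object)
                return "body is not a JSON object";
            if (!root.TryGetProperty("sub", out var sub) || sub.ValueKind != JsonValueKind.String)
                return "sub claim is missing";
            // Ordinal comparison: the match must be exact, with no case or culture folding.
            if (!string.Equals(sub.GetString(), idTokenSub, StringComparison.Ordinal))
                return "sub does not match the ID token";
            return null;
        }
        catch (JsonException)
        {
            return "body is not valid JSON";
        }
    }

    public static void Main()
    {
        const string idTokenSub = "administrator"; // constructed; mirrors the user in the thread
        string[] bodies =
        {
            "",                                                        // empty body, as in the thread
            "{\"name\":\"Administrator\"}",                            // claims returned, but no sub
            "{\"sub\":\"someone-else\",\"name\":\"X\"}",               // sub of a different subject
            "{\"sub\":\"administrator\",\"name\":\"Administrator\"}"   // acceptable
        };
        foreach (var body in bodies)
        {
            var shown = body.Length == 0 ? "<empty>" : body;
            var verdict = Validate(body, idTokenSub) ?? "ok";
            Console.WriteLine(shown + " -> " + verdict);
        }
    }
}
```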

Thank you very much for your help. After testing, it is operating normally.

qq1176914912, May 13 '25 08:05

Excuse me. I noticed this article: https://simpleidserver.com/docs/idserver/quickstart/createidserverwithui. It mentions that after the project starts, one can see login, registration and forgot password. However, after I started it, I only saw registration and not forgot password.

Could it be that there is a problem with the current template? If that is not the reason, how can I enable the forgotten password? Also, as mentioned in the article, how do I set the notification method to console? How do I configure it?

qq1176914912, May 13 '25 09:05

Indeed, the "idserverui" template is currently not working, but this issue has been fixed in the release/6.0.2 branch.

The JavaScript file helpers.js cannot be retrieved because the URL specified in Views\Shared_FormBuilderLayout.cshtml is incorrect. The path should use SidFormBuilder instead of FormBuilder.

The "Forgotten password" link is not displayed because the IdServerPasswordOptions.CanResetPassword property must be set to true in the appsettings.json file.

Additionally, it is possible to configure the notification method to use the console by updating the appsettings.json.

The project used to build the template has been fixed (https://github.com/simpleidserver/SimpleIdServer/tree/release/v6.0.2/src/IdServer/SimpleIdServer.IdServer.Light.Startup), and you can use it for internal testing.

Kind regards, SID

simpleidserver, May 13 '25 19:05