IdentityServer4 .well-known/open

作者: 寻找无名的特质 | 来源:发表于2023-03-09 05:43 被阅读0次

C# 验证IdentityServer4返回token是否合法
原创 | Authentication & Author
IdentityServer4（一）简介
265、英语小故事（英汉对照）“邪恶是什么？”
English Writing Practice: Creepe
Always have a plan
Change your mind and accept the
2018-05-30
葡萄牙海绵蛋糕
How to make your first 100 milli

访问identity server 4中的well-know/openid-configuartion可以获取相关的格式，如果在浏览器中访问，可以得到如下的json数据：

{
    "issuer": "http://host.docker.internal:7010",
    "jwks_uri": "http://host.docker.internal:7010/.well-known/openid-configuration/jwks",
    "authorization_endpoint": "http://host.docker.internal:7010/connect/authorize",
    "token_endpoint": "http://host.docker.internal:7010/connect/token",
    "userinfo_endpoint": "http://host.docker.internal:7010/connect/userinfo",
    "end_session_endpoint": "http://host.docker.internal:7010/connect/endsession",
    "check_session_iframe": "http://host.docker.internal:7010/connect/checksession",
    "revocation_endpoint": "http://host.docker.internal:7010/connect/revocation",
    "introspection_endpoint": "http://host.docker.internal:7010/connect/introspect",
    "device_authorization_endpoint": "http://host.docker.internal:7010/connect/deviceauthorization",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true,
    "backchannel_logout_supported": true,
    "backchannel_logout_session_supported": true,
    "scopes_supported": [
        "roles",
        "openid",
        "profile",
        "email",
        "address",
        "poemapi",
        "message.read",
        "offline_access"
    ],
    "claims_supported": [
        "role",
        "sub",
        "updated_at",
        "locale",
        "zoneinfo",
        "gender",
        "website",
        "picture",
        "profile",
        "preferred_username",
        "nickname",
        "middle_name",
        "given_name",
        "family_name",
        "name",
        "birthdate",
        "email_verified",
        "email",
        "address"
    ],
    "grant_types_supported": [
        "authorization_code",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "urn:ietf:params:oauth:grant-type:device_code",
        "delegation"
    ],
    "response_types_supported": [
        "code",
        "token",
        "id_token",
        "id_token token",
        "code id_token",
        "code token",
        "code id_token token"
    ],
    "response_modes_supported": [
        "form_post",
        "query",
        "fragment"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post"
    ],
    "id_token_signing_alg_values_supported": [
        "RS256"
    ],
    "subject_types_supported": [
        "public"
    ],
    "code_challenge_methods_supported": [
        "plain",
        "S256"
    ],
    "request_parameter_supported": true
}

issuer:发行网址，权限验证的站点
jwks_uri:获取公钥，用于验证jwt
authorization_endpoint:授权服务器的授权端点URL
token_endpoint:获取token的URL接口
userinfo_endpoint:根据token获取用户信息
end_session_endpoint:注销url