如何在OAuth2Introspection中绕过证书(SSL)验证?
如何在OAuth2Introspection中绕过证书(SSL)验证?
提问于 2020-10-19 10:15:02
我正在处理一个API,但是每当我试图连接到它时,我都会得到这个错误:
Request starting HTTP/1.1 GET https://localhost:5061/api/machine
info: System.Net.Http.HttpClient.IdentityModel.AspNetCore.OAuth2Introspection.BackChannelHttpClientName.LogicalHandler[100]
Start processing HTTP request GET https://localhost:5001/.well-known/openid-configuration
info: System.Net.Http.HttpClient.IdentityModel.AspNetCore.OAuth2Introspection.BackChannelHttpClientName.ClientHandler[100]
Sending HTTP request GET https://localhost:5001/.well-known/openid-configuration
fail: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1]
An unhandled exception has occurred while executing the request.
System.InvalidOperationException: Error parsing discovery document from https://localhost:5001: Error connecting to https://localhost:5001/.well-known/openid-configuration. The SSL connection could not be established, see inner exception..
at IdentityModel.AspNetCore.OAuth2Introspection.PostConfigureOAuth2IntrospectionOptions.GetIntrospectionEndpointFromDiscoveryDocument(OAuth2IntrospectionOptions options)
at IdentityModel.AspNetCore.OAuth2Introspection.PostConfigureOAuth2IntrospectionOptions.InitializeIntrospectionClient(OAuth2IntrospectionOptions options)
at IdentityModel.AspNetCore.OAuth2Introspection.OAuth2IntrospectionHandler.LoadClaimsForToken(String token)
at IdentityModel.AspNetCore.OAuth2Introspection.OAuth2IntrospectionHandler.HandleAuthenticateAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 145.1044ms 500 text/plain我正在使用IdentityModel.AspNetCore.OAuth2Introspection,但是没有任何选项可以像JwtBearer中那样配置Backchannel Handler。
我希望在开发中绕过OAuth2Introspection中的证书验证,如下代码所示:
.AddOAuth2Introspection("introspection", options =>
{
// SOME INTROSPECTION CODES
options.BackchannelHttpHandler = new SocketsHttpHandler
{
SslOptions = new SslClientAuthenticationOptions
{
RemoteCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true
}
};
// MORE INTROSPECTION CODES
});回答 1
Stack Overflow用户
发布于 2020-11-09 09:10:30
用ConfigurePrimaryHttpMessageHandler可拓法求解
services.AddHttpClient(OAuth2IntrospectionDefaults.BackChannelHttpClientName)
.ConfigurePrimaryHttpMessageHandler(() =>
{
return new SocketsHttpHandler
{
SslOptions = new SslClientAuthenticationOptions
{
RemoteCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true
}
};
});页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/64425324
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号