说明:使用项目代码是这个,做了一点体力活:将 implicit grant types(简化授权类型)的页面跳转流程抓了个包。

QuickstartIdentityServer 项目的发布地址:127.0.0.1:5000

MvcClient  项目的发布地址:127.0.0.1:5002

下面的顺序按照implicit grant types 走下来的,0步骤会在 MvcClient  第一次获取identity server信息时发生,所以在获取到配置信息后,正常的流程是1-9。

0 获取 identity Server 认证、授权配置信息

GET 127.0.0.1:5000/.well-known/openid-configurationHTTP/1.1 200 OK
{"issuer":"http://127.0.0.1:5000","jwks_uri":"http://127.0.0.1:5000/.well-known/openid-configuration/jwks","authorization_endpoint":"http://127.0.0.1:5000/connect/authorize","token_endpoint":"http://127.0.0.1:5000/connect/token","userinfo_endpoint":"http://127.0.0.1:5000/connect/userinfo","end_session_endpoint":"http://127.0.0.1:5000/connect/endsession","check_session_iframe":"http://127.0.0.1:5000/connect/checksession","revocation_endpoint":"http://127.0.0.1:5000/connect/revocation","introspection_endpoint":"http://127.0.0.1:5000/connect/introspect","frontchannel_logout_supported":true,"frontchannel_logout_session_supported":true,"backchannel_logout_supported":true,"backchannel_logout_session_supported":true,"scopes_supported":["openid","profile","api1","offline_access"],"claims_supported":["sub","name","family_name","given_name","middle_name","nickname","preferred_username","profile","picture","website","gender","birthdate","zoneinfo","locale","updated_at"],"grant_types_supported":["authorization_code","client_credentials","refresh_token","implicit","password"],"response_types_supported":["code","token","id_token","id_token token","code id_token","code token","code id_token token"],"response_modes_supported":["form_post","query","fragment"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"code_challenge_methods_supported":["plain","S256"]}
-----------------
GET /.well-known/openid-configuration/jwks HTTP/1.1 200 OK
{"keys":[{"kty":"RSA","use":"sig","kid":"bd30634bfbca33e60053095763302f84","e":"AQAB","n":"ox765ltEHzAQPG4rNR722wh_iWoDkZX8L9ML8QmIIugQxHNH4A8bc2-lWl6q--sxI5bWygDDn3YONiPdnuZHgM6cX0FX_fDg0le9aGBAt2sQdzlZzs51nMfgyiNv1lspzjRlKQeOKfk7tbOBbw8JRDZcudx0DrIx2JWc6eLcHXnGRw_BcaSBkhXVYg6YoCe9JrKSQe0Rnen574C2Oo7hZTDS3U1ol4qFPMBDT6QgbWT0qTEYfqOWhxNrufX7ypEaV85k3gJlL-n3AKh0jtOeYlxbnTtRYfoojpjw4bxat5sS9k-VoFMUf9eZBgSrlAL5aMwURxyeWG_DRKatYvHR8Q","alg":"RS256"}]}

View Code

1 访问客户端受保护的资源

GET 127.0.0.1:5002/Home/Secure
Referer: http://127.0.0.1:5002/HTTP/1.1 302 Found
Location: http://127.0.0.1:5000/connect/authorize?client_id=mvc&redirect_uri=http%3A%2F%2F127.0.0.1%3A5002%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0
#http://127.0.0.1:5000/connect/authorize?client_id=mvc&redirect_uri=http://127.0.0.1:5002/signin-oidc&response_type=id_token&scope=openid profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0

View Code

2 重定向到:请求identity Service 授权

GET 127.0.0.1:5000/connect/authorize?client_id=mvc&redirect_uri=http%3A%2F%2F127.0.0.1%3A5002%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0 HTTP/1.1
#connect/authorize?client_id=mvc&redirect_uri=http://127.0.0.1:5002/signin-oidc&response_type=id_token&scope=openid profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0
Referer: http://127.0.0.1:5002/HTTP/1.1 302 Found
Location: http://127.0.0.1:5000/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252F127.0.0.1%253A5002%252Fsignin-oidc%26response_type%3Did_token%26scope%3Dopenid%2520profile%26response_mode%3Dform_post%26nonce%3D636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm%26state%3DCfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs%26x-client-SKU%3DID_NET%26x-client-ver%3D2.1.4.0

View Code

3 重定向到:请求 identity Service 登录页面

GET 127.0.0.1:5000/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252F127.0.0.1%253A5002%252Fsignin-oidc%26response_type%3Did_token%26scope%3Dopenid%2520profile%26response_mode%3Dform_post%26nonce%3D636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm%26state%3DCfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs%26x-client-SKU%3DID_NET%26x-client-ver%3D2.1.4.0 HTTP/1.1
#
Referer: http://127.0.0.1:5002/HTTP/1.1 200 OK<!DOCTYPE html>

View Code

4 提交登录表单

POST /account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252F127.0.0.1%253A5002%252Fsignin-oidc%26response_type%3Did_token%26scope%3Dopenid%2520profile%26response_mode%3Dform_post%26nonce%3D636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm%26state%3DCfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs%26x-client-SKU%3DID_NET%26x-client-ver%3D2.1.4.0 HTTP/1.1
Referer: http://127.0.0.1:5000/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252F127.0.0.1%253A5002%252Fsignin-oidc%26response_type%3Did_token%26scope%3Dopenid%2520profile%26response_mode%3Dform_post%26nonce%3D636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm%26state%3DCfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs%26x-client-SKU%3DID_NET%26x-client-ver%3D2.1.4.0
Content-Type: application/x-www-form-urlencodedHTTP/1.1 302 Found
Location: /connect/authorize/callback?client_id=mvc&redirect_uri=http%3A%2F%2F127.0.0.1%3A5002%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0

View Code

5 重定向到:请求 identity Service 用户同意页面

GET /connect/authorize/callback?client_id=mvc&redirect_uri=http%3A%2F%2F127.0.0.1%3A5002%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0 HTTP/1.1
Referer: http://127.0.0.1:5000/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252F127.0.0.1%253A5002%252Fsignin-oidc%26response_type%3Did_token%26scope%3Dopenid%2520profile%26response_mode%3Dform_post%26nonce%3D636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm%26state%3DCfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs%26x-client-SKU%3DID_NET%26x-client-ver%3D2.1.4.0HTTP/1.1 200 OK<!DOCTYPE html>

View Code

6 提交 用户同意表单

POST /consent HTTP/1.1
Referer: http://127.0.0.1:5000/consent?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252F127.0.0.1%253A5002%252Fsignin-oidc%26response_type%3Did_token%26scope%3Dopenid%2520profile%26response_mode%3Dform_post%26nonce%3D636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm%26state%3DCfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs%26x-client-SKU%3DID_NET%26x-client-ver%3D2.1.4.0
Cache-Control: max-age=0HTTP/1.1 302 Found
Location: /connect/authorize/callback?client_id=mvc&redirect_uri=http%3A%2F%2F127.0.0.1%3A5002%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0

View Code

7 重定向到:identity Service 授权回调

GET /connect/authorize/callback?client_id=mvc&redirect_uri=http%3A%2F%2F127.0.0.1%3A5002%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0 HTTP/1.1
Referer: http://127.0.0.1:5000/consent?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252F127.0.0.1%253A5002%252Fsignin-oidc%26response_type%3Did_token%26scope%3Dopenid%2520profile%26response_mode%3Dform_post%26nonce%3D636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm%26state%3DCfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs%26x-client-SKU%3DID_NET%26x-client-ver%3D2.1.4.0
Host: 127.0.0.1:5000
Connection: Keep-Alive
Cookie: .AspNetCore.Antiforgery.YjAxvW2xqCo=CfDJ8KjKmIpVmpVHjwkDwUwE7k1xn6W14nk_E0cRvwWveGwSyaaqD7sS2pSTAE43QsB7xRIVuLBsNiOk9ib-83IIDT874ymk3A6Xg9waHRH8csTfVyxtxMbjarHFfTGS29kDMaBbSQITR9Fj_bgjDLgOXaI; idsrv.session=be16971582a80c99fd0286310cf00363; idsrv=CfDJ8KjKmIpVmpVHjwkDwUwE7k34O8JeSGKhYR40MCwGcWlElGczJ732hBb7D-VSzKh9gz7xwxW0ysAaweb6KafSkOgi4bXHY62o2msxzeoWA5E4uh16QUIo1Flh4GSy-c2sSP2aYdS3r2ljpu8G9ntl7RlJI8qNsuDJLb_EUdueHRaATYfNAJ7BU-N8XnJ87mYPb6CV3HBsUSdjABbPu6biVyI7Spr7BHcHyzbfnUgcxuW63og135jhr-_cmQuFlPVb61xTNcafm4OAYa3ter29I3qj1yZfNQDMqXzwtRaRWMrrFPe4eOZD5daaF8YXT5rzBLZRpZM-bJw9m5SI5FGapVlM4mFhH-bb9BWXrRxIKj-04WRMiBiXxycInIlcbHuRLwNgzCSPIIKCk79UT5gYQfrC1u-ejKoIAMfokdKVtr4dTiiMZMumR2gk-hYExy1q1X2--Z1Vf_lpMGApx5rveg8eb3mhWJi9p8PGWjjCFKqL; ConsentResponse.NEqTdfMa_qlc7u3gFoMYkmGSvsJLSjso3mzLtAL8o1I=CfDJ8KjKmIpVmpVHjwkDwUwE7k2k-7mmBieBu5AEPr9OYTHPmI-QCx1hCbPvGGFhcyWBr18UqTyDbwoeGYBTxHTh0GPF5BOI01qvFUA1WN96EqT15dGN9nUPGXojcOhbH7NW3e5qOjx-NkSGZPspg60t5jVwMXslPqx-M5Shpm_6P9wtDMRXWDkMOoR2r1YVc9kiN22oNB7zJBN6yNDeMnYj0KZ-AOSWpL5ZhQb3zUWXSjld6SgBqw2k6zMcp2SCqgUK9W9mP1sgi6QTqfHF1V4-rK0HTTP/1.1 200 OK
Set-Cookie: ConsentResponse.NEqTdfMa_qlc7u3gFoMYkmGSvsJLSjso3mzLtAL8o1I=.; expires=Fri, 31 Dec 1999 16:00:00 GMT; path=/; samesite=lax; httponly
Set-Cookie: idsrv=CfDJ8KjKmIpVmpVHjwkDwUwE7k0-F0MNdt22QvDnLb_-24iyo2T0beQ9LLPqzS-bm1UY39QbA5HpuMpDfWZfBfm8SGI1vqcwuL7-4RM03nnMf8fyvUBgp5Qjr7CRyL9I83tIK_lx293vQDlH1T_IcImzhyh5J4WGAXnorJKtvvuVwL8Okxf9SekJ5alVFpoxHEHR4Ok_cltkvf8-gaxMgSHTVCdSaFB4FchmcMSjJjMpxHbM4SqNryH4FnBwfJMekDXxqNIUMn6b8QHkN2Js4n0Vlc26AnTdm8n4yuXuDvB0DfTvtlEi5p6pqO3xJevHC2ZT8ryl7cOIqAQqTe94VB5gl3eob2q0q_H2Lk5ONdLVBNIwv6CsWi8RNlsBslDxcFZl1YzU5CK9rQGPOLUCvx0vv-5Ix_BI959MxGK6e_8jBHhkepKja8h38m-OA2UTNJsdDFfFoH8MsDfks1ytjInmOwgt2Fl7LMthLPWMyNVaIzkapIGNN9XDikwPfuGMAhi2Pg; path=/; httponly
Content-Security-Policy: default-src 'none'; frame-ancestors http://127.0.0.1:5002; script-src 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=';
X-Content-Security-Policy: default-src 'none'; frame-ancestors http://127.0.0.1:5002; script-src 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=';
Referrer-Policy: no-referrer<formmethod='post'action='http://127.0.0.1:5002/signin-oidc'><inputtype='hidden'name='id_token'value='eyJhbGciOiJSUzI1NiIsImtpZCI6ImJkMzA2MzRiZmJjYTMzZTYwMDUzMDk1NzYzMzAyZjg0IiwidHlwIjoiSldUIn0.eyJuYmYiOjE1NDAyODYyMDksImV4cCI6MTU0MDI4NjUwOSwiaXNzIjoiaHR0cDovLzEyNy4wLjAuMTo1MDAwIiwiYXVkIjoibXZjIiwibm9uY2UiOiI2MzY3NTg4MjE2MDY3NjkxNzQuTWpOak1XRmhOVEF0WmpVNU9TMDBNMlF4TFdJMU9XSXRPV1l3TUdOaVpHUTBaV0ZrTXpReE5USmpZVGt0Tm1VNU9DMDBaVEpqTFdGbVpEY3RPVGMzTWpZMU5ESTNOR0ptIiwiaWF0IjoxNTQwMjg2MjA5LCJzaWQiOiJiZTE2OTcxNTgyYTgwYzk5ZmQwMjg2MzEwY2YwMDM2MyIsInN1YiI6IjEiLCJhdXRoX3RpbWUiOjE1NDAyODU5NTMsImlkcCI6ImxvY2FsIiwibmFtZSI6IkFsaWNlIiwid2Vic2l0ZSI6Imh0dHBzOi8vYWxpY2UuY29tIiwiYW1yIjpbInB3ZCJdfQ.egapXpCShj07m2ldf1lRxc-5O6eqElpSvmTjQ9clgi1WxtR6Gf_iNhhIwm5aNQv9pSE9cLUwjg7-3XWfrBPKtKPCgC-N_50nKRW3SDct1NGcr6Yw9UAd049glC7B5WbHa2qAfqy8c61IiGA77r6roXNdvyk6jNGc4cLQHKGfPF-7tIN5ipQvFuXEpwWEYSGrjx8cO2_B3Dvd_eCIuD7ZotEEl0gvq1cn3RlKDT9qrPN_AvYqNRkFwDfLW4BgACo3XTX4fp9H6Y0dHdbfkCuA287nIyrH47U-US-7rbUh2vjyAf7GrJgE1iTl7ltr8FTSmjt0gHZJJMFHHq9CKmVBbg'/>
<inputtype='hidden'name='scope'value='openidprofile'/>
<inputtype='hidden'name='state'value='CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs'/>
<inputtype='hidden'name='session_state'value='46esjgZEyWUfSUkVvHKy8Opvnq0mmY19WfvOfc9BuLE.78306e80b16a34dd965f55cf78237a2d'/>
<noscript><button>Click to continue</button></noscript></form><script>(function(){document.forms[0].submit();})();</script>

View Code

8 自动提交表单:提交表单到客户端 openid 登录入口

POST /signin-oidc HTTP/1.1
Referer: http://127.0.0.1:5000/connect/authorize/callback?client_id=mvc&redirect_uri=http%3A%2F%2F127.0.0.1%3A5002%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0
Cache-Control: max-age=0
Content-Type: application/x-www-form-urlencodedHTTP/1.1 302 Found
Location: http://127.0.0.1:5002/Home/Secure

View Code

9 重定向到:客户端受保护资源

GET /Home/Secure HTTP/1.1
Referer: http://127.0.0.1:5000/connect/authorize/callback?client_id=mvc&redirect_uri=http%3A%2F%2F127.0.0.1%3A5002%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636758821606769174.MjNjMWFhNTAtZjU5OS00M2QxLWI1OWItOWYwMGNiZGQ0ZWFkMzQxNTJjYTktNmU5OC00ZTJjLWFmZDctOTc3MjY1NDI3NGJm&state=CfDJ8KjKmIpVmpVHjwkDwUwE7k2bBYcaRX-3MqGRb4aYMIiDg6xYQ2TemJhc-X-F4p2MBnnn502lBw5atZcxsw1UIAeITKmq21JiVx6RwNoSDPY7JZrsw2RWKLl15kxc-YQvRn4Sj4jaLfeWggp9_xfhTHV2SeLb09afuTWwQdoF7bv3D3bVMJBhnuRWOW11jNAydsu8DRsz780ZICylpil_YjaI8i4Gj3X5jwK7HEyt56qv5DgElVLXQQvKXCPex5XEQ-4EK1raVXVgYvO2doAOxtmYpJBH12Y8TNE0uemQbAi7uIGlfSsxtXIxLvVZr43smTHVaBGm76iZLI0fuVlCMPs&x-client-SKU=ID_NET&x-client-ver=2.1.4.0HTTP/1.1 200 OK
Date: Tue, 23 Oct 2018 09:16:50 GMT
Content-Type: text/html; charset=utf-8
Server: Kestrel
Transfer-Encoding: chunked<!DOCTYPE html>

View Code

可以参考:

https://identityserver4.readthedocs.io/en/release/index.html

https://aaronparecki.com/oauth-2-simplified/

https://developer.okta.com/blog/2017/06/21/what-the-heck-is-oauth

如果你们看明白了,而且写成中文可以告诉我,反正我是没怎么明白。

转载于:https://www.cnblogs.com/850391642c/p/indetityserver4-implicit-grantt-ypes.html

indetityserver4-implicit-grant-types-请求流程叙述-上篇相关推荐

  1. oauth2.0 php简化模式,OAuth2.0学习(1-5)授权方式2-简化模式(implicit grant type)

    授权方式2-简化模式(implicit grant type) 简化模式(implicit grant type)不通过第三方应用程序的服务器,直接在浏览器中向认证服务器申请令牌,跳过了"授 ...

  2. zookeeper源码分析之五服务端(集群leader)处理请求流程

    leader的实现类为LeaderZooKeeperServer,它间接继承自标准ZookeeperServer.它规定了请求到达leader时需要经历的路径: PrepRequestProcesso ...

  3. 4G LTE/EPC UE 的业务请求流程

    目录 文章目录 目录 UE 发起业务请求(Service Request)流程 UE 侧发起的业务请求流程 网络侧发起的业务请求流程 UE 发起业务请求(Service Request)流程 作用:附 ...

  4. springMVC请求流程详解

    SpringMVC框架是一个基于请求驱动的Web框架,并且使用了'前端控制器'模型来进行设计, 再根据'请求映射规则'分发给相应的页面控制器进行处理.核心流程: 第一步:发起请求到前端控制器(Disp ...

  5. Okhttp3-网络请求流程解析

    前言 已经大火2年的Retrofit,必然会提到另外两个库,OKhttp3和Rxjava,尤其前者,作为Retrofit网络请求的底层库,我们有必要了解OKhttp3的网络请求是如何运作的,就会理解为 ...

  6. internetreadfile读取数据长度为0_Go发起HTTP2.0请求流程分析(后篇)——标头压缩

    阅读建议 这是HTTP2.0系列的最后一篇,笔者推荐阅读顺序如下: Go中的HTTP请求之--HTTP1.1请求流程分析 Go发起HTTP2.0请求流程分析(前篇) Go发起HTTP2.0请求流程分析 ...

  7. CoAP学习笔记——服务器端繁忙时的处理请求流程

    CoAP学习笔记--服务器端繁忙时的处理请求流程 CoAP是一个简单的请求响应机制,对于一个给定的请求便有一个相应的响应. 很多时候,如果服务器不能立即响应一个CON请求,服务器只能返回一个空应答,这 ...

  8. 修改拦截器里的请求头_OkHttp4 源码分析(1) 请求流程分析

    square/okhttp​github.com 本文基于OkHttp4.7.1分析 同步请求示例代码 OkHttpClient client = new OkHttpClient.Builder() ...

  9. 简述C#中IO的应用 RabbitMQ安装笔记 一次线上问题引发的对于C#中相等判断的思考 ef和mysql使用(一) ASP.NET/MVC/Core的HTTP请求流程...

    简述C#中IO的应用 在.NET Framework 中. System.IO 命名空间主要包含基于文件(和基于内存)的输入输出(I/O)服务的相关基础类库.和其他命名空间一样. System.IO ...

最新文章

  1. java reflection list_Java Reflection(九):泛型
  2. python入门到精通需要学多久-廖雪峰python教程要学多久-零基础学Python需要多久...
  3. es Root mapping definition has unsupported parameters解决方法
  4. 【译】Jumping into Solidity — The ERC721 Standard (Part 3)
  5. elastic学习笔记
  6. Java 基础——数组解析
  7. 第3課 ここはデパートです
  8. python excel数据框_python – 熊猫数据框到Excel表
  9. matlab2c使用c++实现matlab函数系列教程-cumprod函数
  10. 【钛坦白】榛杏科技CEO周开宇:ICO和区块链的创新方向选择
  11. Android hardware简易流程
  12. vyos -vyatta-config-commit save
  13. CMYK 和 RGB 着色
  14. vue中使用阿里巴巴矢量图标库并修改样式
  15. Powerbi简体中文版修改数据显示单位为英文方法
  16. Millet谷仓区块链和电子商务及Token相结合的产物
  17. 微信公众平台开发教程Java版(一)环境准备篇
  18. ios上编译c语言,如何构建C编写的库并在iOS中使用
  19. 使用A*算法解迷宫最短路径问题
  20. Zabbix探索:关于网络设备SysUpTime监控的问题

热门文章

  1. Java集合框架图解
  2. 高中会考计算机时间,2018年北京高中会考时间安排表
  3. Unity Editor 基础篇(四):Handles
  4. 认证(身份证-手机实名-银行四要素)接口规范
  5. 力扣203.移除链表的元素
  6. 数据结构可视化与MySQL索引视频详解
  7. iCloudManager部署---iCloudManager的安装及设置(三)
  8. 国产办公软件崛起,金山WPS月活用户已超5.7亿;Meta指责苹果夺走部分广告收入;Python 3.11 发布|极客头条
  9. Vue 3.0 中配置原生高德地图
  10. Spring-data-redis + Lettuce 如何使用 Pipeline