作者:不要芹菜味 | 来源:互联网 | 2022-12-01 13:40
1> Fateh Mohame..:
可能你必须允许你的clientRoot在cors起源,我看到流程是不一样的.
我在客户端配置中看到隐式流,但服务器显示授权代码流!
"myApp": {
"ClientId": "spa-myApp",
"ClientName": "myAppSPA",
"ClientUri": "http://localhost:4200",
"RequireConsent": false,
"AllowedGrantTypes": [ "implicit" ],
"AllowAccessTokensViaBrowser": true,
"RedirectUris": [
"http://localhost:4200/assets/html/popup-login-redirect.html",
"http://localhost:4200/assets/html/silent-refresh-redirect.html"
],
"PostLogoutRedirectUris": [ "http://localhost:4200?postLogout=true" ],
"FrontChannelLogoutUri": "http://localhost:4200?frOntchannellogout=true",
"FrontChannelLogoutSessionRequired": true,
"AllowedCorsOrigins": [ "http://localhost:4200" ], // here you have to add your client root
"AllowedScopes": [ "openid", "profile", "qsdqsdqs", "qdqsd" ],
"IdentityTokenLifetime": 18000,
"AccessTokenLifetime": 18000
},