identityserver3 OpenID的配置沒有顯示所有範圍

Question

我讀getting started guide of identityserver3，並提到了開放ID配置端點：

身份/。好了知名/ OpenID的配置

這將列出你範圍。 在他們的榜樣它列出：

• 的OpenID
• 輪廓
• 電子郵件
• 電話
• 地址

在我的應用程序創建了一個名爲API範圍，當我創建了我的客戶端我設置了個AllowAccessToAllScopes爲真，但是，當轉到OpenID的配置端點我得到這個：

{ 
    "issuer":"https://localhost:44313", 
    "jwks_uri":"https://localhost:44313/identity/.well-known/jwks", 
    "authorization_endpoint":"https://localhost:44313/identity/connect/authorize", 
    "token_endpoint":"https://localhost:44313/identity/connect/token", 
    "userinfo_endpoint":"https://localhost:44313/identity/connect/userinfo", 
    "end_session_endpoint":"https://localhost:44313/identity/connect/endsession", 
    "check_session_iframe":"https://localhost:44313/identity/connect/checksession", 
    "revocation_endpoint":"https://localhost:44313/identity/connect/revocation", 
    "introspection_endpoint":"https://localhost:44313/identity/connect/introspect", 
    "frontchannel_logout_supported":true, 
    "frontchannel_logout_session_supported":true, 
    "scopes_supported":[ 
     "api" 
    ], 
    "claims_supported":[ 

    ], 
    "response_types_supported":[ 
     "code", 
     "token", 
     "id_token", 
     "id_token token", 
     "code id_token", 
     "code token", 
     "code id_token token" 
    ], 
    "response_modes_supported":[ 
     "form_post", 
     "query", 
     "fragment" 
    ], 
    "grant_types_supported":[ 
     "authorization_code", 
     "client_credentials", 
     "password", 
     "refresh_token", 
     "implicit" 
    ], 
    "subject_types_supported":[ 
     "public" 
    ], 
    "id_token_signing_alg_values_supported":[ 
     "RS256" 
    ], 
    "code_challenge_methods_supported":[ 
     "plain", 
     "S256" 
    ], 
    "token_endpoint_auth_methods_supported":[ 
     "client_secret_post", 
     "client_secret_basic" 
    ] 
} 

正如你所看到的，只有一個支持的範圍。 有誰知道爲什麼？或者我可以如何讓所有示波器在那裏？

Answer 1

我想通了。如果您查看我提供的鏈接，內存中的第一個示例使用StandardScopes.All。我在存儲庫中查看了它，並看到它添加的範圍列表。我決定改變我的ScopeStore並添加這些範圍，就像這樣：

public class ScopeStore: IScopeStore 
{ 
    private readonly DbContext _context; 

    public ScopeStore(DbContext context) 
    { 
     _context = context; 
    } 

    public async Task<IEnumerable<IdentityServer3.Core.Models.Scope>> FindScopesAsync(IEnumerable<string> scopeNames) 
    { 
     var models = await List().Where(m => scopeNames.Contains(m.Name)).ToListAsync(); 
     return AddStandardScopes(models); 
    } 

    public async Task<IEnumerable<IdentityServer3.Core.Models.Scope>> GetScopesAsync(bool publicOnly = true) 
    { 
     var models = await List(publicOnly).ToListAsync(); 
     return AddStandardScopes(models); 
    } 

    /// <summary> 
    /// Gets a list of Scopes 
    /// </summary> 
    /// <param name="publicOnly">A boolean to show public scopes or not</param> 
    /// <returns>The matched Scopes</returns> 
    public IQueryable<IdentityServer3.EntityFramework.Entities.Scope> List(bool publicOnly = true, params string[] includes) 
    { 
     var models = _context.Set<IdentityServer3.EntityFramework.Entities.Scope>(); 

     if (publicOnly) 
      return models.Where(m => m.ShowInDiscoveryDocument); 

     return models; 
    } 

    private IEnumerable<IdentityServer3.Core.Models.Scope> AddStandardScopes(IEnumerable<IdentityServer3.EntityFramework.Entities.Scope> scopes) 
    { 
     var models = scopes.Select(m => m.ToModel()).ToList(); 
     models.AddRange(StandardScopes.All.ToList()); 
     return models; 
    } 
} 

一旦我做到了，當我回到我的配置頁面，被列出的所有範圍，我終於可以讓我的用戶信息。