0
votes

I am trying to authenticate a user in Identity Server 4 via the /connect/token endpoint. I am filling in all required fields in Postman:

  • grant_type
  • username
  • password
  • client_id
  • client_secret

and I always get an "invalid_client" response.

I have inserted values into the following tables:

  • AspNetUsers
  • Clients
  • ClientGrantTypes
  • ClientSecrets

In the PasswordHash column of the AspNetUsers table I have added a password that is hashed with SHA256. In ClientGrantTypes I have added a GrantType with the value 'password' and inserted the proper ClientId.

This is what my ConfigureServices looks like:

public void ConfigureServices(IServiceCollection services)
{
    string connectionString = "Server=192.168.1.108; Port=5432; Database=Users; User Id=postgres;Password=RandomPassword123";
    var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;

    services.AddIdentityServer()
        .AddConfigurationStore(options =>
        {
            options.ConfigureDbContext = builder =>
            {
                builder.UseNpgsql(connectionString, action =>
                {
                    action.MigrationsAssembly(migrationsAssembly);
                });
            };
        })
        .AddAspNetIdentity<Users>().AddConfigurationStore(options=>
        {
            options.ConfigureDbContext = builder =>
            {
                builder.UseNpgsql(connectionString, action =>
                {
                    action.MigrationsAssembly(migrationsAssembly);
                });
            };
        }).AddDeveloperSigningCredential();


    services.AddEntityFrameworkNpgsql();
    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}

I am struggling to figure out what I am doing wrong, so any help would be appreciated.

EDIT:

I have included logging. This is the screenshot of what I have in Postman: http://i.imgur.com/Sk78V2y.png

And this is the full log of Identity Server:

[21:25:46 Debug] IdentityServer4.Hosting.EndpointRouter Request path /connect/token matched to endpoint type Token

[21:25:46 Debug] IdentityServer4.Hosting.EndpointRouter Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint

[21:25:46 Information] IdentityServer4.Hosting.IdentityServerMiddleware Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token

[21:25:46 Debug] IdentityServer4.Endpoints.TokenEndpoint Start token request.

[21:25:46 Debug] IdentityServer4.Validation.ClientSecretValidator Start client validation

[21:25:46 Debug] IdentityServer4.Validation.BasicAuthenticationSecretParser Start parsing Basic Authentication secret

[21:25:46 Debug] IdentityServer4.Validation.SecretParser Parser found secret: BasicAuthenticationSecretParser

[21:25:46 Debug] IdentityServer4.Validation.SecretParser Secret id found: Ryukote

[21:25:46 Debug] IdentityServer4.EntityFramework.Stores.ClientStore Ryukote found in database: False

[21:25:46 Error] IdentityServer4.Validation.ClientSecretValidator No client with id 'Ryukote' found. aborting

The log is confusing me because there are things in it that are not true. That can be confirmed by looking at the Postman screenshot I provided.

1
Identity service's console output\log file service will give you more information about why the client is invalid. - Richard
Thank you. I have included logging and I got a weird log. I will paste the log and what I have in Postman in the original post. - Ryukote

1 Answer

1
votes

The error is coming from BasicAuthenticationSecretParser so I think you may have a Basic authorization header in your request to the token endpoint which contains

Authorization: Basic Ryukote:password

This is where IdentityServer is getting the client id 'Ryukote' from.

Remove the authorization header from your request.
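
A small diagnostic for the situation this answer describes, added here as an example (not code from the answer or from IdentityServer4): it decodes a Basic Authorization header and reports which client id the token endpoint would look up when that header is sent alongside a client_id form field. The header-before-body order is an assumption based on the log in the question; the class and method names, the sample header and the form value my_client are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Text;

// Added diagnostic example; not IdentityServer4 source code.
static class ClientIdDiagnostic
{
    // Returns the id part of "Basic base64(id:secret)", or null when the header
    // is missing, uses another scheme, is not valid base64, or has no id before ':'.
    public static string ClientIdFromBasicHeader(string authorizationHeader)
    {
        const string prefix = "Basic ";
        if (string.IsNullOrWhiteSpace(authorizationHeader) ||
            !authorizationHeader.StartsWith(prefix, StringComparison.OrdinalIgnoreCase))
            return null;
        try
        {
            byte[] raw = Convert.FromBase64String(authorizationHeader.Substring(prefix.Length).Trim());
            string pair = Encoding.UTF8.GetString(raw);
            int colon = pair.IndexOf(':');
            return colon > 0 ? pair.Substring(0, colon) : null;
        }
        catch (FormatException)
        {
            return null;
        }
    }

    // Assumption based on the log in the question: the Basic header is parsed
    // first, and the client_id form field is only used when no header secret is found.
    public static string EffectiveClientId(string authorizationHeader, IDictionary<string, string> form)
    {
        string fromHeader = ClientIdFromBasicHeader(authorizationHeader);
        if (fromHeader != null) return fromHeader;
        return form.TryGetValue("client_id", out string fromBody) ? fromBody : null;
    }

    static void Main()
    {
        // Constructed sample: user credentials placed in the Basic header,
        // while the body carries a different (hypothetical) client_id.
        string header = "Basic " + Convert.ToBase64String(Encoding.UTF8.GetBytes("Ryukote:password"));
        var form = new Dictionary<string, string> { ["grant_type"] = "password", ["client_id"] = "my_client" };

        Console.WriteLine("client id with header:    " + EffectiveClientId(header, form));
        Console.WriteLine("client id without header: " + EffectiveClientId(null, form));
    }
}
```

If the first line prints an id that is not a row in the Clients table, the request is carrying credentials in a header that were meant for the username and password form fields.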