Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid grant #12

Closed
twenzel opened this issue Mar 16, 2017 · 3 comments
Closed

Invalid grant #12

twenzel opened this issue Mar 16, 2017 · 3 comments

Comments

@twenzel
Copy link

twenzel commented Mar 16, 2017

I get an invalid grant when I try to login from my WinForms app to IS4.

fail: IdentityServer4.Validation.TokenRequestValidator[0]
      Unexpected code_verifier: 12a783b32873a5b4ae0eb7113a067cd978d3d345a8cb29cc0a1a6df131c5839a
fail: IdentityServer4.Validation.TokenRequestValidator[0]
      {
        "ClientId": "las",
        "ClientName": "LAS.NET Client",
        "GrantType": "authorization_code",
        "AuthorizationCode": "e301575cc20f47acf7c15178310f776642a7a30cf2b6a05f54702097b1645b7a",
        "Raw": {
          "grant_type": "authorization_code",
          "code": "e301575cc20f47acf7c15178310f776642a7a30cf2b6a05f54702097b1645b7a",
          "redirect_uri": "http://localhost/winforms.client",
          "code_verifier": "12a783b32873a5b4ae0eb7113a067cd978d3d345a8cb29cc0a1a6df131c5839a",
          "client_id": "las",
          "client_secret": "secret"
        }
      }

This is the client setup:

 new Client
{
	ClientId = "las",
	ClientName = "LAS.NET Client",
	AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,

	ClientSecrets =
	{
		new Secret("secret".Sha256())
	},

	AllowedScopes = new List<string>
	{
		IdentityServerConstants.StandardScopes.OpenId,
		IdentityServerConstants.StandardScopes.Profile,
		IdentityServerConstants.StandardScopes.Email,
		IdentityServerConstants.StandardScopes.Phone,
		"api1"
	},

	RedirectUris = { "http://localhost/winforms.client" },

	AllowOfflineAccess = true,					
	RequireConsent = false
},

and this is how I initialize my winform app:

var options = new OidcClientOptions
{
	Authority = "http://localhost:5000",
	ClientId = "las",
	ClientSecret = "secret",
	RedirectUri = "http://localhost/winforms.client",
	Scope = "openid profile api1 offline_access",		
	Browser = new WinFormsEmbeddedBrowser(),
	Flow = OidcClientOptions.AuthenticationFlow.Hybrid
};

_oidcClient = new OidcClient(options);

How can I fix this issue?
@leastprivilege
Copy link
Contributor

Set RequirePkce to true on the client definition.

@twenzel twenzel closed this as completed Mar 17, 2017
@twenzel
Copy link
Author

twenzel commented Mar 17, 2017

Works' fine. Thank you.

@github-actions
Copy link

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 23, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@twenzel @leastprivilege