IdentityServer4 - problem with DeviceFlow authorization The Next CEO of Stack OverflowRole based authorization with IdentityServer4How to get access_token, id_token from authorize endpoint of IdentityServer4?Angular 4 could not authenticate with IdentityServer4How to configure the claim name of role in IdentityServer4/IdentityIdentityserver4 and API in single projectHow can I add AspNetIdentity to my API with IdentityServer4IdentityServer4 - HttpPost for LogOut in MVC ClientAccessing protected API on IdentityServer4 with Bearer TokenMachine to Machine Authorization with IdentityServer4IdentityServer4 without HTTPS not working
Recycling old answers
Rotate a column
Chain wire methods together in Lightning Web Components
Proper way to express "He disappeared them"
Powershell. How to parse gci Name?
Why, when going from special to general relativity, do we just replace partial derivatives with covariant derivatives?
Would be okay to drive on this tire?
Method for adding error messages to a dictionary given a key
Why doesn't UK go for the same deal Japan has with EU to resolve Brexit?
The exact meaning of 'Mom made me a sandwich'
Can we say or write : "No, it'sn't"?
What did we know about the Kessel run before the prequels?
Math-accent symbol over parentheses enclosing accented symbol (amsmath)
Is there always a complete, orthogonal set of unitary matrices?
Why didn't Khan get resurrected in the Genesis Explosion?
What flight has the highest ratio of time difference to flight time?
Would a grinding machine be a simple and workable propulsion system for an interplanetary spacecraft?
Is it ever safe to open a suspicious HTML file (e.g. email attachment)?
Why did CATV standarize in 75 ohms and everyone else in 50?
Is there a difference between "Fahrstuhl" and "Aufzug"
Is it okay to majorly distort historical facts while writing a fiction story?
Is micro rebar a better way to reinforce concrete than rebar?
Bartok - Syncopation (1): Meaning of notes in between Grand Staff
How do I align (1) and (2)?
IdentityServer4 - problem with DeviceFlow authorization
The Next CEO of Stack OverflowRole based authorization with IdentityServer4How to get access_token, id_token from authorize endpoint of IdentityServer4?Angular 4 could not authenticate with IdentityServer4How to configure the claim name of role in IdentityServer4/IdentityIdentityserver4 and API in single projectHow can I add AspNetIdentity to my API with IdentityServer4IdentityServer4 - HttpPost for LogOut in MVC ClientAccessing protected API on IdentityServer4 with Bearer TokenMachine to Machine Authorization with IdentityServer4IdentityServer4 without HTTPS not working
I have a problem setting up Device Flow authorization with IdentityServer4. So I have a created a client with the following properties
new Client
ClientId = "XXXXXXXXXXXXXX",
ClientName = "XXXXXXXXXXXXXX",
AllowedGrantTypes = GrantTypes.DeviceFlow,
AccessTokenType = AccessTokenType.Jwt,
ClientSecrets = new List<Secret>
new Secret("XXXXXXXXXXXXXX".Sha256())
,
AllowedScopes = new List<string>
"XXXXXX"
,
Enabled = true,
AllowAccessTokensViaBrowser = true
Then, from the device I am doing the following request (the requests are taken from the example here):
POST /device_authorization HTTP/1.1
Host: server.example.com
Content-Type: application/x-www-form-urlencoded
client_id=459691054427
Which returns the following:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
"device_code":"GMMhmHCXhWEzkobqIHGG_EnNYYsAkukHspeYUk9E8",
"user_code":"WDJB-MJHT",
"verification_uri":"https://www.example.com/device",
"verification_uri_complete":"https://www.example.com/device?user_code=WDJB-MJHT",
"expires_in": 1800,
"interval": 5
Afterwards I keep polling with the device to the Authorization server, which responds:
authorization_pending
Then from the user I am sending the following request to authorize the device:
POST
https://XXXXXXXXX/device/userCode
with an authorization header containing the:
Bearer token_value
of the logged in user from another client application.
However, what I get as a reply is the following:
No user present in device flow request
Which also returns the error in identity server:
IdentityServer4.Services.DefaultDeviceFlowInteractionService:Error: Device authorization failure - no user found
My code for authorizing the device is the following (nothing special just to test it from Postman):
var result = new DeviceFlowInteractionResult();
var request = await _interaction.GetAuthorizationContextAsync(userCode);
if (request == null)
return result;
ConsentResponse grantedConsent = new ConsentResponse
RememberConsent = true,
ScopesConsented = new List<string> "XXXXXXXX" ,
;
result = await _interaction.HandleRequestAsync(userCode, grantedConsent);
return result;
Is anybody familiar with this error?
Does it have to do the user is connected to another client through the authorization server?
I cannot seem to find any proper tutorials around this matter.
c# .net asp.net-core identityserver4
edited Mar 7 at 16:47
Erik Philips
41.6k694126
asked Mar 7 at 16:44
Davelis4Davelis4
6610
add a comment |
I have a problem setting up Device Flow authorization with IdentityServer4. So I have a created a client with the following properties
new Client
ClientId = "XXXXXXXXXXXXXX",
ClientName = "XXXXXXXXXXXXXX",
AllowedGrantTypes = GrantTypes.DeviceFlow,
AccessTokenType = AccessTokenType.Jwt,
ClientSecrets = new List<Secret>
new Secret("XXXXXXXXXXXXXX".Sha256())
,
AllowedScopes = new List<string>
"XXXXXX"
,
Enabled = true,
AllowAccessTokensViaBrowser = true
Then, from the device I am doing the following request (the requests are taken from the example here):
POST /device_authorization HTTP/1.1
Host: server.example.com
Content-Type: application/x-www-form-urlencoded
client_id=459691054427
Which returns the following:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
"device_code":"GMMhmHCXhWEzkobqIHGG_EnNYYsAkukHspeYUk9E8",
"user_code":"WDJB-MJHT",
"verification_uri":"https://www.example.com/device",
"verification_uri_complete":"https://www.example.com/device?user_code=WDJB-MJHT",
"expires_in": 1800,
"interval": 5
Afterwards I keep polling with the device to the Authorization server, which responds:
authorization_pending
Then from the user I am sending the following request to authorize the device:
POST
https://XXXXXXXXX/device/userCode
with an authorization header containing the:
Bearer token_value
of the logged in user from another client application.
However, what I get as a reply is the following:
No user present in device flow request
Which also returns the error in identity server:
IdentityServer4.Services.DefaultDeviceFlowInteractionService:Error: Device authorization failure - no user found
My code for authorizing the device is the following (nothing special just to test it from Postman):
var result = new DeviceFlowInteractionResult();
var request = await _interaction.GetAuthorizationContextAsync(userCode);
if (request == null)
return result;
ConsentResponse grantedConsent = new ConsentResponse
RememberConsent = true,
ScopesConsented = new List<string> "XXXXXXXX" ,
;
result = await _interaction.HandleRequestAsync(userCode, grantedConsent);
return result;
Is anybody familiar with this error?
Does it have to do the user is connected to another client through the authorization server?
I cannot seem to find any proper tutorials around this matter.
c# .net asp.net-core identityserver4
edited Mar 7 at 16:47
Erik Philips
41.6k694126
asked Mar 7 at 16:44
Davelis4Davelis4
6610
add a comment |
I have a problem setting up Device Flow authorization with IdentityServer4. So I have a created a client with the following properties
new Client
ClientId = "XXXXXXXXXXXXXX",
ClientName = "XXXXXXXXXXXXXX",
AllowedGrantTypes = GrantTypes.DeviceFlow,
AccessTokenType = AccessTokenType.Jwt,
ClientSecrets = new List<Secret>
new Secret("XXXXXXXXXXXXXX".Sha256())
,
AllowedScopes = new List<string>
"XXXXXX"
,
Enabled = true,
AllowAccessTokensViaBrowser = true
Then, from the device I am doing the following request (the requests are taken from the example here):
POST /device_authorization HTTP/1.1
Host: server.example.com
Content-Type: application/x-www-form-urlencoded
client_id=459691054427
Which returns the following:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
"device_code":"GMMhmHCXhWEzkobqIHGG_EnNYYsAkukHspeYUk9E8",
"user_code":"WDJB-MJHT",
"verification_uri":"https://www.example.com/device",
"verification_uri_complete":"https://www.example.com/device?user_code=WDJB-MJHT",
"expires_in": 1800,
"interval": 5
Afterwards I keep polling with the device to the Authorization server, which responds:
authorization_pending
Then from the user I am sending the following request to authorize the device:
POST
https://XXXXXXXXX/device/userCode
with an authorization header containing the:
Bearer token_value
of the logged in user from another client application.
However, what I get as a reply is the following:
No user present in device flow request
Which also returns the error in identity server:
IdentityServer4.Services.DefaultDeviceFlowInteractionService:Error: Device authorization failure - no user found
My code for authorizing the device is the following (nothing special just to test it from Postman):
var result = new DeviceFlowInteractionResult();
var request = await _interaction.GetAuthorizationContextAsync(userCode);
if (request == null)
return result;
ConsentResponse grantedConsent = new ConsentResponse
RememberConsent = true,
ScopesConsented = new List<string> "XXXXXXXX" ,
;
result = await _interaction.HandleRequestAsync(userCode, grantedConsent);
return result;
Is anybody familiar with this error?
Does it have to do the user is connected to another client through the authorization server?
I cannot seem to find any proper tutorials around this matter.
c# .net asp.net-core identityserver4
edited Mar 7 at 16:47
Erik Philips
41.6k694126
asked Mar 7 at 16:44
Davelis4Davelis4
6610
I have a problem setting up Device Flow authorization with IdentityServer4. So I have a created a client with the following properties
new Client
ClientId = "XXXXXXXXXXXXXX",
ClientName = "XXXXXXXXXXXXXX",
AllowedGrantTypes = GrantTypes.DeviceFlow,
AccessTokenType = AccessTokenType.Jwt,
ClientSecrets = new List<Secret>
new Secret("XXXXXXXXXXXXXX".Sha256())
,
AllowedScopes = new List<string>
"XXXXXX"
,
Enabled = true,
AllowAccessTokensViaBrowser = true
Then, from the device I am doing the following request (the requests are taken from the example here):
POST /device_authorization HTTP/1.1
Host: server.example.com
Content-Type: application/x-www-form-urlencoded
client_id=459691054427
Which returns the following:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
"device_code":"GMMhmHCXhWEzkobqIHGG_EnNYYsAkukHspeYUk9E8",
"user_code":"WDJB-MJHT",
"verification_uri":"https://www.example.com/device",
"verification_uri_complete":"https://www.example.com/device?user_code=WDJB-MJHT",
"expires_in": 1800,
"interval": 5
Afterwards I keep polling with the device to the Authorization server, which responds:
authorization_pending
Then from the user I am sending the following request to authorize the device:
POST
https://XXXXXXXXX/device/userCode
with an authorization header containing the:
Bearer token_value
of the logged in user from another client application.
However, what I get as a reply is the following:
No user present in device flow request
Which also returns the error in identity server:
IdentityServer4.Services.DefaultDeviceFlowInteractionService:Error: Device authorization failure - no user found
My code for authorizing the device is the following (nothing special just to test it from Postman):
var result = new DeviceFlowInteractionResult();
var request = await _interaction.GetAuthorizationContextAsync(userCode);
if (request == null)
return result;
ConsentResponse grantedConsent = new ConsentResponse
RememberConsent = true,
ScopesConsented = new List<string> "XXXXXXXX" ,
;
result = await _interaction.HandleRequestAsync(userCode, grantedConsent);
return result;
Is anybody familiar with this error?
Does it have to do the user is connected to another client through the authorization server?
I cannot seem to find any proper tutorials around this matter.
c# .net asp.net-core identityserver4
c# .net asp.net-core identityserver4
edited Mar 7 at 16:47
Erik Philips
41.6k694126
asked Mar 7 at 16:44
Davelis4Davelis4
6610
edited Mar 7 at 16:47
Erik Philips
41.6k694126
asked Mar 7 at 16:44
Davelis4Davelis4
6610
edited Mar 7 at 16:47
Erik Philips
41.6k694126
edited Mar 7 at 16:47
Erik Philips
41.6k694126
edited Mar 7 at 16:47
Erik Philips
41.6k694126
41.6k694126
asked Mar 7 at 16:44
Davelis4Davelis4
6610
asked Mar 7 at 16:44
Davelis4Davelis4
6610
asked Mar 7 at 16:44
Davelis4Davelis4
6610
6610
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55048899%2fidentityserver4-problem-with-deviceflow-authorization%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55048899%2fidentityserver4-problem-with-deviceflow-authorization%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
