Comments (13)
Hello,Do you have an example demonstrating pending requests in your project?If I want to showcase the features here, how do I configure them on 5001 or 5002?
Are the functions here the same as those in IDS in
https://github.com/DuendeSoftware/Samples/tree/main/IdentityServer/v7/SessionManagement/BackChannelClient?
I found that when my client Scope has "offline-access", the content can be displayed in it:
If the client Scope does not include "offline-access", then this page has nothing. I feel that the feature you mentioned is similar to this, is it as I understand it?
from simpleidserver.
offline-access
I misunderstood "offline access" as it is a parameter used to request a token refresh. Your project does not need to configure this scope and can also request a token refresh. In the BackChannelClient project of ids, if the scope does not include "offline access", clicking to request a token refresh will result in an error.
from simpleidserver.
Mobile Application
I have pushed version "4.0.6" to the AppCenter.
Could you please install the latest version and try again?
There is an error in the documentation; the registration URL should be https://openid.simpleidserver.com/master/registration?workflowName=mobile.
One-Time Password
Currently, SimpleIdServer does not support an authentication method that accepts an OTP code for user authentication. I have created a ticket #680 to implement support for this new authentication method.
The QR code displayed in the Identity Server is the same as the one displayed on the administration website.
Pending Requests
The concept of "Pending Requests" differs from OAUTH2.0 concepts. This concept originates from the User-Managed Access 2.0 Protocol (UMA 2.0). For more information, please refer to this documentation: https://riskinsight-wavestone.com/en/2018/09/demystifying-uma2/ I have created a ticket #681 to add some examples.
Offline Scope
There was indeed an issue with the "offline_scope." This issue has been fixed in the master branch.
from simpleidserver.
Hello @qq1176914912,
The Ticket #680 has been completed, and the modifications are now incorporated into the master
branch.
You can now authenticate using the code generated by your mobile application, such as theAuthenticator
.Follow these steps:
- Open the Authenticator mobile application and scan the QR Code.
- Create a new Authentication Context with the
otp
authentication method. - Click on the link and enter the login along with the OTP generated by the mobile application
from simpleidserver.
Mobile Application
I have pushed version "4.0.6" to the AppCenter. Could you please install the latest version and try again? There is an error in the documentation; the registration URL should be https://openid.simpleidserver.com/master/registration?workflowName=mobile.
One-Time Password
Currently, SimpleIdServer does not support an authentication method that accepts an OTP code for user authentication. I have created a ticket #680 to implement support for this new authentication method.
The QR code displayed in the Identity Server is the same as the one displayed on the administration website.
Pending Requests
The concept of "Pending Requests" differs from OAUTH2.0 concepts. This concept originates from the User-Managed Access 2.0 Protocol (UMA 2.0). For more information, please refer to this documentation: https://riskinsight-wavestone.com/en/2018/09/demystifying-uma2/ I have created a ticket #681 to add some examples.
Offline Scope
There was indeed an issue with the "offline_scope." This issue has been fixed in the master branch.
Thank you for your reply.
Mobile Application
I have installed the following version on my phone and tested the registration connection you sent, but it still shows an error of "n error occurred while trying to parse the QR Code", and there is no place to input JSON data in the new version of the application.Will the Chinese region be affected.
One-Time Password
1、I created a sample for testing OTP in ACRS, and the test passed.
Is this how you used OTP when you mentioned it? Or other ways?
2、I found two OTPs on the Authentications page, one can be clicked and the other cannot be clicked:
And after entering the OTP that can be clicked, the page will continue to load, and an error message will appear in 5002:
3、Clicking on OTP on page 5001 will not display the content.
Offline Scope
What is the issue you have discovered? I am not sure if any changes need to be made to the previous program. Is it necessary for my client program to request a refresh token scope with "Offline Scope" in order to be able to request it normally in the future?
from simpleidserver.
There is one more question, I remember before 5002, there was a text introduction below when adding the client. Did the new version delete it?
from simpleidserver.
Mobile Application
The exceptions in the mobile application have been resolved. Unfortunately, when MAUI is published in RELEASE mode, JSON serialization and deserialization are not functioning correctly.
Could you please download the application from the following link and try again? https://install.appcenter.ms/users/agentsimpleidserver-gmail.com/apps/simpleidserver/distribution_groups/public
One-Time Password
The administration website has been fixed, and the OTP is now displayed only once.
The OTP has been temporarily removed from the list of "enroll credentials" because the registration workflow for the OTP credential is not yet supported.
I have created ticket #684 to address and support this workflow.
Offline Scope
There was an issue in the Authorization Code grant-type where, when an access token was issued, the refresh token was always issued as well.
However, according to the RFC, the refresh token must be issued only if the scope offline_access is passed into the token request.
In the future, when using the authorization code and you want to obtain a refresh token, you must include the offline_access scope in the token request.
Client Description Missing
The client description is now displayed when a client type is selected.
from simpleidserver.
Mobile Application
The exceptions in the mobile application have been resolved. Unfortunately, when MAUI is published in RELEASE mode, JSON serialization and deserialization are not functioning correctly. Could you please download the application from the following link and try again? https://install.appcenter.ms/users/agentsimpleidserver-gmail.com/apps/simpleidserver/distribution_groups/public
One-Time Password
The administration website has been fixed, and the OTP is now displayed only once. The OTP has been temporarily removed from the list of "enroll credentials" because the registration workflow for the OTP credential is not yet supported. I have created ticket #684 to address and support this workflow.
Offline Scope
There was an issue in the Authorization Code grant-type where, when an access token was issued, the refresh token was always issued as well. However, according to the RFC, the refresh token must be issued only if the scope offline_access is passed into the token request. In the future, when using the authorization code and you want to obtain a refresh token, you must include the offline_access scope in the token request.
Client Description Missing
The client description is now displayed when a client type is selected.
Mobile Application
I downloaded a new version:
The testing address is still:
https://openid.simpleidserver.com/master/registration?workflowName=mobile
Unfortunately, the error still persists:Is it because the Chinese network is unable to connect to your program?
And even after opening "Enable developer mode" in "settings", there is still no place to input JSON on the homepage:
from simpleidserver.
Regrettably, this exception occurs when the mobile application attempts to retrieve the FCM Token (Cloud Messaging Firebase token).
It is likely that this service is blocked in China :(
The token is essential in the enrollment process of the mobile application, as it is utilized by the Identity Server to send push notifications directly to the mobile application.
from simpleidserver.
Regrettably, this exception occurs when the mobile application attempts to retrieve the FCM Token (Cloud Messaging Firebase token). It is likely that this service is blocked in China :(
The token is essential in the enrollment process of the mobile application, as it is utilized by the Identity Server to send push notifications directly to the mobile application.
Thank you for your reply.
from simpleidserver.
Mobile Application
The exceptions in the mobile application have been resolved. Unfortunately, when MAUI is published in RELEASE mode, JSON serialization and deserialization are not functioning correctly. Could you please download the application from the following link and try again? https://install.appcenter.ms/users/agentsimpleidserver-gmail.com/apps/simpleidserver/distribution_groups/public
One-Time Password
The administration website has been fixed, and the OTP is now displayed only once. The OTP has been temporarily removed from the list of "enroll credentials" because the registration workflow for the OTP credential is not yet supported. I have created ticket #684 to address and support this workflow.
Offline Scope
There was an issue in the Authorization Code grant-type where, when an access token was issued, the refresh token was always issued as well. However, according to the RFC, the refresh token must be issued only if the scope offline_access is passed into the token request. In the future, when using the authorization code and you want to obtain a refresh token, you must include the offline_access scope in the token request.
Client Description Missing
The client description is now displayed when a client type is selected.
One-Time Password
as I mentioned earlier, I found that I can no longer use OTP as a password to log in (OTP in ACRS can be used normally), and it will display "Credential is invalid".I remember you solved this problem before, and I also tested that I can use otp's code as a password, but I tested the previous version I found that it doesn't seem to work as a password either, am I remembering it wrong?
from simpleidserver.
I don't recall working on a ticket to implement the use of an OTP code instead of a password.
OTP is employed when utilizing one of the following authentication methods:
- sms
- otp
from simpleidserver.
I don't recall working on a ticket to implement the use of an OTP code instead of a password. OTP is employed when utilizing one of the following authentication methods:
- sms
- otp
Okay, maybe I'm misremembering.
from simpleidserver.
Related Issues (20)
- Remember me expiration date HOT 1
- PATCH for groups returns 500 when members are updated HOT 7
- Cannot sync SCIM with Azure AD out of the box HOT 5
- Bulk updates only change string columns HOT 3
- SCIM - Support multi tenant
- SCIM - Documentation - Add 'primary' property in the addresses
- Migrate all the project to DOTNET8
- SCIM MongoDB Size must be between 0 and 16793600(16MB) HOT 2
- Find the problem HOT 18
- 参数类型不匹配 HOT 2
- LDAP tutorial HOT 2
- Can you provide a non-Entity Framework ORM, e.g. one that uses SqlSugar? HOT 4
- Retry failed commands in masstransit
- Having a postgresql problem? HOT 1
- IIS Hosting Issue - Exception in Event Log
- BulkExtensions licencing complexity HOT 4
- SCIM Notification does not contains anymore user info HOT 4
- Turn off the user logout issue HOT 3
- The example fails to run HOT 12
- Update the mobile application to be compliant with EBSI
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from simpleidserver.