How to get Api token using client secret key ? #1088

Naren created 4 years ago

need full steps to set client secret key and how to use in postman to get token.

I want to get api token based on client secrete key and gives error "Invalid_Client" when we set require client secret in abp commercial settings.hope now you understand.
give us the steps to use client secret as required and how to get the token with client secret key in postman.

maliming created 4 years ago

Support Team Fullstack Developer

hi Naren

I will try to share the full steps and code.

maliming created 4 years ago

Support Team Fullstack Developer

[10:24:04 DBG] Secret validators could not validate secret
[10:24:04 INF] {"ClientId": "QAX_App", "Category": "Authentication", "Name": "Client Authentication Failure", "EventType": "Failure", "Id": 1011, "Message": "Invalid client secret", "ActivityId": "0HM7F6ITJS7FV:00000006", "TimeStamp": "2021-03-25T02:24:04.0000000Z", "ProcessId": 16676, "LocalIpAddress":
"::1:44328", "RemoteIpAddress": "::1", "$type": "ClientAuthenticationFailureEvent"}
[10:24:04 ERR] Client secret validation failed for client: QAX_App.
[10:24:04 INF] Request finished HTTP/1.1 POST https://localhost:44328/connect/token application/x-www-form-urlencoded 71 - 400 - application/json;+charset=UTF-8 43.6361ms

After add Client_Secret:

[10:26:16 INF] Request starting HTTP/1.1 POST https://localhost:44328/connect/token application/x-www-form-urlencoded 95
[10:26:16 DBG] Request path /connect/token matched to endpoint type Token
[10:26:16 DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint
[10:26:16 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
[10:26:16 DBG] Start token request.
[10:26:16 DBG] Start client validation
[10:26:16 DBG] Start parsing Basic Authentication secret
[10:26:16 DBG] Start parsing for secret in post body
[10:26:16 DBG] Parser found secret: PostBodySecretParser
[10:26:16 DBG] Secret id found: QAX_App
[10:26:16 DBG] client configuration validation for client QAX_App succeeded.
[10:26:16 DBG] Secret validator success: HashedSharedSecretValidator
[10:26:16 DBG] Client validation success
[10:26:16 INF] {"ClientId": "QAX_App", "AuthenticationMethod": "SharedSecret", "Category": "Authentication", "Name": "Client Authentication Success", "EventType": "Success", "Id": 1010, "Message": null, "ActivityId": "0HM7F6ITJS7FV:00000008", "TimeStamp": "2021-03-25T02:26:16.0000000Z", "ProcessId": 1667
6, "LocalIpAddress": "::1:44328", "RemoteIpAddress": "::1", "$type": "ClientAuthenticationSuccessEvent"}
[10:26:16 DBG] Start token request validation
[10:26:16 DBG] Start resource owner password token request validation
[10:26:16 WRN] Ldap login feature is not enabled!
[10:26:16 INF] Credentials validated for username: admin
[10:26:16 INF] {"Username": "admin", "Provider": null, "ProviderUserId": null, "SubjectId": "8a0ff9af-ed31-29e9-fc65-39fb795c9baa", "DisplayName": null, "Endpoint": "Token", "ClientId": "QAX_App", "Category": "Authentication", "Name": "User Login Success", "EventType": "Success", "Id": 1000, "Message": n
ull, "ActivityId": "0HM7F6ITJS7FV:00000008", "TimeStamp": "2021-03-25T02:26:16.0000000Z", "ProcessId": 16676, "LocalIpAddress": "::1:44328", "RemoteIpAddress": "::1", "$type": "UserLoginSuccessEvent"}
[10:26:16 DBG] Resource owner password token request validation success.
[10:26:16 INF] Token request validation success, {"ClientId": "QAX_App", "ClientName": "QAX_App", "GrantType": "password", "Scopes": "address email offline_access openid phone profile QAX role", "AuthorizationCode": "********", "RefreshToken": "********", "UserName": "admin", "AuthenticationContextRefere
nceClasses": null, "Tenant": null, "IdP": null, "Raw": {"Client_Id": "QAX_App", "UserName": "admin", "Password": "***REDACTED***", "grant_type": "password", "Client_Secret": "***REDACTED***"}, "$type": "TokenRequestValidationLog"}
[10:26:16 DBG] Getting claims for access token for client: QAX_App
[10:26:16 DBG] Getting claims for access token for subject: 8a0ff9af-ed31-29e9-fc65-39fb795c9baa
[10:26:16 DBG] Creating refresh token
[10:26:16 DBG] Setting an absolute lifetime: 31536000
[10:26:16 INF] {"ClientId": "QAX_App", "ClientName": "QAX_App", "RedirectUri": null, "Endpoint": "Token", "SubjectId": "8a0ff9af-ed31-29e9-fc65-39fb795c9baa", "Scopes": "address email offline_access openid phone profile QAX role", "GrantType": "password", "Tokens": [{"TokenType": "refresh_token", "TokenV
alue": "****B62F", "$type": "Token"}, {"TokenType": "access_token", "TokenValue": "****497A", "$type": "Token"}], "Category": "Token", "Name": "Token Issued Success", "EventType": "Success", "Id": 2000, "Message": null, "ActivityId": "0HM7F6ITJS7FV:00000008", "TimeStamp": "2021-03-25T02:26:16.0000000Z",
"ProcessId": 16676, "LocalIpAddress": "::1:44328", "RemoteIpAddress": "::1", "$type": "TokenIssuedSuccessEvent"}
[10:26:16 DBG] Token request success.
[10:26:16 INF] Request finished HTTP/1.1 POST https://localhost:44328/connect/token application/x-www-form-urlencoded 95 - 200 - application/json;+charset=UTF-8 220.1673ms

Naren created 4 years ago

require client secret.PNG
We set secret client required here.
Shared secret key.PNG
using this secret key in postman.

getting same invalid_client

maliming created 4 years ago

Support Team Fullstack Developer

Please share the error logs of invalid_client.

Naren created 4 years ago

Hi
Where we will get this error log?

maliming created 4 years ago

Support Team Fullstack Developer

It's located at Logs/logs.txt by default.

Naren created 4 years ago

2021-03-25 11:56:57.205 +05:30 [INF] Request starting HTTP/1.1 POST https://localhost:44318/connect/token application/x-www-form-urlencoded 137
2021-03-25 11:56:57.221 +05:30 [DBG] Request path /connect/token matched to endpoint type Token
2021-03-25 11:56:57.236 +05:30 [DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint
2021-03-25 11:56:57.236 +05:30 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
2021-03-25 11:56:57.236 +05:30 [DBG] Start token request.
2021-03-25 11:56:57.236 +05:30 [DBG] Start client validation
2021-03-25 11:56:57.236 +05:30 [DBG] Start parsing Basic Authentication secret
2021-03-25 11:56:57.236 +05:30 [DBG] Start parsing for secret in post body
2021-03-25 11:56:57.236 +05:30 [DBG] Parser found secret: PostBodySecretParser
2021-03-25 11:56:57.236 +05:30 [DBG] Secret id found: xxxxx
2021-03-25 11:56:57.248 +05:30 [DBG] client configuration validation for client xxxxx succeeded.
2021-03-25 11:56:57.248 +05:30 [DBG] No matching hashed secret found.
2021-03-25 11:56:57.248 +05:30 [DBG] Secret validators could not validate secret
2021-03-25 11:56:57.248 +05:30 [INF] {"ClientId":"xxxxx","Category":"Authentication","Name":"Client Authentication Failure","EventType":"Failure","Id":1011,"Message":"Invalid client secret","ActivityId":","TimeStamp":"2021-03-25T06:26:57.0000000Z","ProcessId":,"LocalIpAddress,"RemoteIpAddress"","$type":"ClientAuthenticationFailureEvent"}
2021-03-25 11:56:57.248 +05:30 [ERR] Client secret validation failed for client: xxxxx.