0

I am receiving an error saying "CurlException: Couldn't connect to server"

I am trying to access an API with this code in the client controller:

var tokenClient = new TokenClient("http://localhost:5003/connect/token", "client", "secret");
var tokenResponse = await tokenClient.RequestClientCredentialsAsync("api1");

var client = new HttpClient();
client.SetBearerToken(tokenResponse.AccessToken);
var content = await client.GetStringAsync("http://localhost:5102/api/catalog/items");

ViewBag.Json = JArray.Parse(content).ToString();
return View("json");

This is the code in the client:

services.AddAuthentication(options =>
        {
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
            // options.DefaultAuthenticateScheme = "Cookies";
        })
        .AddCookie()
        .AddOpenIdConnect(options => {
            options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;

            options.Authority = identityUrl.ToString();
            options.SignedOutRedirectUri = callBackUrl.ToString();
            options.ClientId ="client";
            options.ClientSecret = "secret";
            options.ResponseType =  "code id_token";
            options.SaveTokens = true;
            options.GetClaimsFromUserInfoEndpoint = true;
            options.RequireHttpsMetadata = false;
            options.Scope.Add("openid");
            options.Scope.Add("profile");
            options.Scope.Add("api1");

The code in the IdentityServer config:

new Client
            {
                ClientId = "client",
                ClientSecrets = new [] { new Secret("secret".Sha256())},
                AllowedGrantTypes = GrantTypes.Hybrid,
                RedirectUris = { "http://localhost:5202/signin-oidc" },
                PostLogoutRedirectUris = {"http://localhost:5202/signout-callback-oidc"},
                AllowAccessTokensViaBrowser = false,
                AllowOfflineAccess = true,
                RequireConsent = true,
                AlwaysSendClientClaims = true,
                AlwaysIncludeUserClaimsInIdToken = true,
                AllowedScopes = new List<string>
                {

                    IdentityServerConstants.StandardScopes.OpenId,
                    IdentityServerConstants.StandardScopes.Profile,
                    //"MobileApi"
                    "api1"
                }

And the code in the Api:

        services.AddAuthentication("Bearer")
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority =Configuration.GetValue<string>("IdentityUrl");
                options.RequireHttpsMetadata = false;

                options.ApiName = "api1";
            });

All Url variables are correct, I've used them in other places without issue. I believe the issue is with docker because of this thread on github: https://github.com/aspnet/Home/issues/1975. However the "answer" has no explantion and is vague in its execution. Is there a way to fix this issue so that I that client can connect to the api through docker?

Gutsee
  • 17
  • 1
  • 7
  • Probably orthogonal to the actual issue, but your allowed client port number is different to the port number you're requesting data from once you've got your bearer token. IdentityServer will spit this back at you as an invalid request, *if* that Config.cs is the same as your actual configuration (assuming you've setup a database to hold it) – SpaceBison Feb 12 '18 at 10:02
  • I believe you're referring to the client.getstringasync? That is the api port. – Gutsee Feb 12 '18 at 15:17
  • Ok, so I assume you updated your AllowedRedirectUri list to reflect that? Because your code above shows that you are allowing localhost:5202 and not localhost:5102 – SpaceBison Feb 12 '18 at 15:59
  • I did not update anything. :5202 is the webmvc which is where it should redirect. :5102 is the api. – Gutsee Feb 12 '18 at 16:09

1 Answers1

0

You need to use the ip address or a hostname for the container instead of using localhost.

Eldorian
  • 603
  • 1
  • 6
  • 18
  • Where would I find this? I tried using the docker ip. Which works for my identity server, but does not work for api or webmvc. I also tried docker -inspect and using the ip addresses found there, none of them work in the browser. – Gutsee Feb 12 '18 at 16:06
  • Are you also exposing the ports you need? Also, you might also need to look into using bridge or host mode which is explained in detail here: https://stackoverflow.com/questions/24319662/from-inside-of-a-docker-container-how-do-i-connect-to-the-localhost-of-the-mach – Eldorian Feb 13 '18 at 18:40