public class Startup
{
public void Configuration(IAppBuilder app)
{
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=316888
app.UseCors(CorsOptions.AllowAll);
var myProvider = new MyAuthorizationServerProvider();
OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = myProvider
};
app.UseOAuthAuthorizationServer(options);
app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions());
HttpConfiguration config = new HttpConfiguration();
WebApiConfig.Register(config);
}
}
令牌成功生成,但是当我用这个令牌来访问授权控制器无法正常工作。始终响应消息秀“授权已被拒绝了这个请求” Here postman send request for generate token
这是我的MyAuthorizationServerProvider类
public class MyAuthorizationServerProvider: OAuthAuthorizationServerProvider
{
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.Validated();
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
if(context.UserName== "admin" && context.Password == "admin")
{
identity.AddClaim(new Claim(ClaimTypes.Role, "admin"));
identity.AddClaim(new Claim("username", "admin"));
identity.AddClaim(new Claim(ClaimTypes.Name, "Admin Ahasanul Banna"));
context.Validated(identity);
}
else if (context.UserName=="user" && context.Password=="user")
{
identity.AddClaim(new Claim(ClaimTypes.Role, "user"));
identity.AddClaim(new Claim("username", "user"));
identity.AddClaim(new Claim(ClaimTypes.Name, "User Ahasanul Banna"));
context.Validated(identity);
}
else
{
context.SetError("Invalid_grant", "Provided username & password is incorrect");
return;
}
}
}
而我AuthorizeAttribute类
public class AuthorizeAttribute :System.Web.Http.AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
if (!HttpContext.Current.User.Identity.IsAuthenticated)
{
base.HandleUnauthorizedRequest(actionContext);
}
else
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Forbidden);
}
}
}
当我访问使用此令牌服务器响应的任何授权行动“的授权已被拒绝了这个请求。” messageHere Postman send request
[Authorize]
[HttpGet]
[Route("authenticate")]
public IHttpActionResult GetForAuthenticate()
{
var identity = (ClaimsIdentity)User.Identity;
return Ok("Hello" + identity.Name);
}
[Authorize(Roles ="admin")]
[HttpGet]
[Route("authorize")]
public IHttpActionResult GetForAdmin()
{
var identity = (ClaimsIdentity)User.Identity;
var roles = identity.Claims.Where(c => c.Type == ClaimTypes.Role).Select(c => c.Value);
return Ok("Hello" + identity.Name +" Role: " +string.Join(",",roles.ToList()));
}
如何解决这个问题?
检查该代码
public void Configuration(IAppBuilder app)
{
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=316888
app.UseCors(CorsOptions.AllowAll);
var myProvider = new MyAuthorizationServerProvider();
OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = myProvider
};
app.UseOAuthAuthorizationServer(options);
app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions());
HttpConfiguration config = new HttpConfiguration();
WebApiConfig.Register(config);
}
这里使用的授权服务器配置选项(OK):
app.UseOAuthAuthorizationServer(options);
然后重写它没有选项(不正常)
app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions());
只是删除第二app.UseOAuthAuthorizationServer,然后再试一次。
你也忘了加
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());