.NET Core JWT Auth 中 User.Identity.IsAuthenticated 始终为 false 并且 User.Identity.Claims 为 null

问题描述 投票:0回答:1

Program.cs

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            //ValidateIssuer = true,
            //ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]))
        };
    });


GenTokenController
——返回具有正确值的正确标记

private string GenerateJwtToken(CurrentUserVM currentUser)
{
    var tokenHandler = new JwtSecurityTokenHandler();
    var key = Encoding.ASCII.GetBytes(_config.GetSection("Jwt:Key").Value);
    var ExpireMinutes = _config.GetSection("Jwt:ExpireMinutes").Value;
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
               new Claim(ClaimTypes.NameIdentifier, currentUser.UserId.ToString()),
               new Claim(ClaimTypes.GroupSid, currentUser.OrgId.ToString()),
               new Claim(ClaimTypes.Role, currentUser.RoleCode)
        }),
        Expires = DateTime.UtcNow.AddMinutes(Convert.ToInt32(ExpireMinutes)),
        SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
                                                                   SecurityAlgorithms.HmacSha512Signature)
    };
    var token = tokenHandler.CreateToken(tokenDescriptor);
    return tokenHandler.WriteToken(token);
}


UserController
-- 尝试获取当前用户:

[HttpGet]
[Authorize(Roles ="Admin")]
public async Task<IActionResult> GetUsers()
{
     var curr_user = GetCurrentUser();
     var users = new List<User>();
     return Ok(users);
}

private CurrentUserVM GetCurrentUser()
{
    if (HttpContext == null || HttpContext.User == null)
    {
        return null;
    }

    var identity = HttpContext.User.Identity as ClaimsIdentity;

    if (identity != null)
    {
        var userClaims = identity.Claims;

        if (userClaims == null || !userClaims.Any())
        {
            return null;
        }

        return new CurrentUserVM
        {
            OrgId = int.Parse(userClaims.FirstOrDefault(x => x.Type == ClaimTypes.GroupSid)?.Value),
            UserId = int.Parse(userClaims.FirstOrDefault(x => x.Type == ClaimTypes.NameIdentifier)?.Value),
            RoleCode = userClaims.FirstOrDefault(x => x.Type == ClaimTypes.Role)?.Value
        };
    }
    return null;
}

当使用 

[Authorize]
属性时,此调用返回 401,但未在 
GetCurrentUser()
函数中使用

var userClaims = identity.Claims;

返回 null 并且 

User.Identity.IsAuthenticated
始终为 false。

我尝试添加

builder.Services.AddHttpContextAccessor();

然后使用服务提供商 - 但这也不起作用。

.net-core jwt httpcontext
1个回答
0
投票

如果您不想验证生成令牌的服务器(ValidateIssuer = true)并验证令牌的接收者是否有权接收(ValidateAudience = true),请尝试将其设置为 false,不要注释它。

ValidateIssuer = false,
ValidateAudience = false,
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.