我正在开发一个 ASP.NET Core 8 Web API 项目,我必须使用 JWT 令牌。但无论我做什么,我都面临着一个错误。我可以在登录时生成令牌,但是当我尝试使用生成的令牌调用天气控制器时,出现错误
承载错误=“invalid_token - 401 未经授权”
我到处搜索,尽力了解问题所在..
这是我生成令牌的控制器:
初始生成的 JWT HttpGet 请求时发生 Postman 错误
[Route("[controller]")]
[ApiController]
public class AuthController : ControllerBase
{
[HttpPost("login")]
public async Task<IActionResult> signIn(UserCred userDetails)
{
if (userDetails != null && userDetails.PhoneNumber != null && userDetails.Pin!= null)
{
UserDetails user = _user.GetUser(userDetails.PhoneNumber, userDetails.Pin);
if (user != null)
{
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, _config["Jwt:Subject"]),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString()),
new Claim("UserId", user.Id),
new Claim("DisplayName", user.FirstName),
new Claim("UserName", user.LastName),
new Claim("Email", user.Email)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]));
var signIn = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(_config["Jwt:Issuer"],
_config["Jwt:Audience"],
claims,
expires: DateTime.UtcNow.AddMinutes(10),
signingCredentials: signIn);
return Ok(new JwtSecurityTokenHandler().WriteToken(token));
}
else
{
return BadRequest("Invalid credentials");
}
}
else
{
return BadRequest();
}
}
}
这是
program.cs
供参考:
var builder = WebApplication.CreateBuilder(args);
var MyAllowSpecificOrigins = "_specificOrigin";
// Add services to the container.
builder.Services.AddCors(options =>
{
options.AddPolicy(name: MyAllowSpecificOrigins, policy =>
{
policy.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader();
});
});
builder.Services.AddControllers();
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
{
options.RequireHttpsMetadata = false;
options.SaveToken = true;
options.TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = true,
ValidateAudience = true,
ValidAudience = builder.Configuration["Jwt:Audience"],
ValidIssuer = builder.Configuration["Jwt:Issuer"],
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]))
};
});
builder.Services.AddAuthorization();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
builder.Services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(
builder.Configuration.GetConnectionString("DefaultConnection")
));
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
当我在 JWT 调试器网站上测试时,生成的令牌工作正常,但在我的 API 上不起作用 JWT 调试器结果
我真的被困在这里了。让我分享一下该项目的github repo,以供参考:TechBuzzersBank API
我认为错误出在我的控制器中的某个地方,但我无法修复它。也许是我调用 API 的方式(在邮递员中)?
和这是解释。
我发现的一个快速解决方法是:添加
options.UseSecurityTokenValidators = true;
在
builder.Services.AddAuthentication()
有帮助。但它对我不起作用......我决定将当前项目转向 .NET 6。如果我找到任何其他解决方案,我会在这里更新。