ASP.NET Core WebAPI:承载错误=“ invalid_token”,error_description =“未找到签名密钥”
问题描述 投票:0回答:1
我正在构建ASP .NET Core WebAPI应用程序,并尝试向我的应用程序提供令牌身份验证:
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services
.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer("Bearer", jwtBearerOptions =>
{
jwtBearerOptions.TokenValidationParameters = new TokenValidationParameters
{
//ValidIssuer = "Issuer"
ValidateIssuer = false,
////ValidAudience = "WishlistAppClient",
//ValidateAudience = false,
////ClockSkew = TimeSpan.FromSeconds(5),
//ValidateLifetime = false,
//RequireExpirationTime = false,
//RequireSignedTokens = false,
};
});
services.AddMvc().AddJsonOptions(options =>
{
options.SerializerSettings.ContractResolver = new DefaultContractResolver()
{
NamingStrategy = new SnakeCaseNamingStrategy()
};
options.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore;
});
services.AddDbContext<SchemaContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection"), optionBuilder => optionBuilder.MigrationsAssembly("EventManager.DAL")
));
new DALRegistration().ConfigureServices(services);
var mappingConfig = new MapperConfiguration(configuration =>
{
configuration.AddProfile(new MappingProfile());
});
IMapper mapper = mappingConfig.CreateMapper();
services.AddSingleton(mapper);
services
.AddIdentity<SystemUser, SystemRole>()
.AddEntityFrameworkStores<SchemaContext>()
.AddDefaultTokenProviders();
services.AddScoped<IUserManager, UserManager>();
services.AddScoped<ILoginProvider, LoginProvider>();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
services.AddSpaStaticFiles(configuration =>
{
configuration.RootPath = "ClientApp/dist";
});
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new Info { Title = "My API", Version = "v1" });
c.DescribeAllEnumsAsStrings();
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapWebApiRoute("DefaultApi", "api/{controller}/{id?}");
});
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseSpaStaticFiles();
var todayDate = DateTime.Now.ToShortDateString().Replace('/', '.');
app.UseSwagger();
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1");
c.DocExpansion(DocExpansion.None);
});
loggerFactory.AddFile(Path.Combine(Directory.GetCurrentDirectory(), "LogInformation", $"{DateTime.Now.ToShortDateString().Replace('/','.')}.txt"));
var logger = loggerFactory.CreateLogger("New Logger");
app.Use(async (context, next) =>
{
logger.LogTrace("Processing request {0}", context.Request.Path);
await next.Invoke();
});
app.UseSpa(spa =>
{
spa.Options.SourcePath = "ClientApp";
spa.Options.StartupTimeout = new TimeSpan(0, 2, 0);
if (env.IsDevelopment())
{
spa.UseAngularCliServer(npmScript: "start");
}
});
}
}
API代码受[Authorize(AuthenticationSchemes =“ Bearer”)的保护]当我发送带有任何令牌的请求时,我总是收到401。问题是,我关闭了所有令牌验证,但无济于事。
邮递员中有请求的图片
响应正文为空。响应头(如果无法加载图像):
- HTTP / 1.1 401未经授权
- 服务器:Kestrel
- WWW-Authenticate:承载错误=“ invalid_token”,error_description =“未找到签名密钥”
- X-SourceFiles:=?UTF-8?B?RDpcUmVsZWFzZVxldmVudG1hbmFnZXJcRXZlbnRNYW5hZ2VyXEV2ZW50TWFuYWdlclxhcGlccGFydGljaXBhbnRz?=
- X-Powered-By:ASP.NET
- 日期:星期四,2020年2月20日11:47:54 GMT
- 连接:关闭
- 内容长度:0
请求:
- GET
- https://localhost:44372/api/participants?pageSize=30&page=1 HTTP / 1.1
- 主机:localhost:44372
- 接受:application / json
- 授权:承载eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJJc3N1ZXIiOiJJc3N1ZXIiLCJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.eNvdqZ4NbLXesaJOV-a1CzbJh_QbfTdtqwZmrFI2MLY
- User-Agent:PostmanRuntime / 7.22.0
- 缓存控制:无缓存
- 邮递员令牌:dcf57c4f-b08a-43e0-8d15-85a49e9de795
- [Accept-Encoding:gzip,deflate,br
- 连接:关闭
1个回答
0
投票
投票
这里是我如何实施的示例
services.AddAuthentication()
.AddCookie()
.AddJwtBearer(cfg =>
{
cfg.TokenValidationParameters = new TokenValidationParameters()
{
ValidIssuer = Configuration["Tokens:Issuer"],
ValidAudience = Configuration["Tokens:Audience"],
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Tokens:Key"]))
};
});
并且在控制器上,与您的相似
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
在身份验证控制器中,该操作由带有凭据的“登录”页面调用。检查用户名和密码是否正确后,您必须实施以下代码]
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.Email),
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Tokens:Key"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
_config["Tokens:Issuer"],
_config["Tokens:Audience"],
claims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds);
var results = new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
};
最新问题
- 如何防止仅在 Java 中堆栈(数组实现)中的索引修改
- .Net 6 中的ConfigureAppConfiguration 函数对于.Net 8 来说相当于什么
- iOS 17 Beta 在应用程序和小部件之间共享 AVAudioPlayer 状态
- Robolectric:如何设置我希望 Calendar 类返回的时间?
- 恢复 git 推送
- 带有过滤器的DynamoDB ScanCommand
- 只有普通对象和一些内置对象可以从服务器组件传递到客户端组件
- 为什么Flex会导致多个图像缩小?
- 在工具栏中显示注销并带有警报对话框
- 排序算法更新了不应该的变量
- 如何根据 MongoDB 集合中的匹配来过滤 JavaScript 数组?
- 构建的 PREEMPT_RT 是否比完全设置的 PREEMPT_DYNAMIC 更抢占?
- WordPress REST API:无法上传内容类型图像/jpeg
- 如何正确生成 Visual Studio 的 CMake 项目
- 水平引导卡,其卡体填充垂直空间并具有条件“扩展器”(了解更多)按钮
- 如何从带有产品的超市货架图像中仅提取价格标签信息
- Json Schema 引用重复文件,而不是使用传递的文件作为引用
- 致命错误:glibc。尝试将字符放入文件中
- 如何将剧作家请求对象转换为字符串,因为它只给出承诺?
- alembic 自动生成修订版尝试删除我数据库的所有索引和表
© www.soinside.com 2019 - 2024. All rights reserved.