我已经通过azure api管理为api请求实现了jwt验证,但是失败了。该政策是这样的。
<validate-jwt header-name="Autherization" failed-validation-httpcode="401" failed-validation-error-message="Unauthorized. Access token is missing or invalid." require-scheme="Bearer ">
<openid-config url="https://myb2cdev.b2clogin.com/myb2cdev.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1ctest" />
<audiences>
<audience>169679ed8-61df-0695-4375-574c3287ee98</audience>
</audiences>
<issuers>
<issuer>https://myb2cdev.b2clogin.com/97a8e403-f111-4454-8561-0c2881aae4a/v2.0/</issuer>
</issuers>
</validate-jwt>
授权令牌包含附加的Bearer字符串。前令牌:“承载者auserasereadnasewrewrwerwete ....”注意:betweeb Bearer和实际令牌之间有一个空格。
有人可以帮我解决这个问题吗?响应始终是:{statusCode“:401,” message“:”未授权。访问令牌丢失或无效“}
谢谢,
从策略中删除require-scheme =“ Bearer”。它将仍然验证在Authorization标头中发送的Bearer令牌为Authorization:Bearer xxxxx