asp.net – UseJwtBearerAuthentication返回401
我在我的应用程序堆栈中使用Firebase和dotnet核心.
我正在使用Firebase iOS API生成JWT罚款,并且可以使用jwt.io的解析器确认结构是否符合预期和有效. 安装程序 我按照this article设置dotnet core来根据请求自动设置主体. 我的启动文件的配置方法如下所示,实际上< project-id>部分由项目应用程序替换(我可以确认它与我在解析的JWT中的aud属性相同,如jwt.io上所示): public void Configure(IApplicationBuilder app,IHostingEnvironment env,ILoggerFactory loggerFactory) { loggerFactory.AddConsole(Configuration.GetSection("Logging")); loggerFactory.AddDebug(); loggerFactory.AddSerilog(); app.UseJwtBearerAuthentication(new JwtBearerOptions { AutomaticAuthenticate = true,IncludeErrorDetails = true,Authority = "https://securetoken.google.com/<project-id>",TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true,ValidIssuer = "https://securetoken.google.com/<project-id>",ValidateAudience = true,ValidAudience = "<project-id>",ValidateLifetime = true,},}); app.UseMvc(); } 请求 我有一个控制器动作,我可以在网址http:// localhost:5000 / api / dashboard上点击,并在控制器上没有Authorize属性时获得预期的响应.然后我添加了Authorize属性,以便我可以开始测试JWT中间件. 我在Postman中创建了一个请求,如下图所示: 响应 如上图所示,响应是401 Unauthorized. 服务器登录我的调试输出看起来像这样. info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1] Request starting HTTP/1.1 GET http://localhost:5000/api/dashboard Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET http://localhost:5000/api/dashboard info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2] Authorization failed for user: (null). Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:Information: Authorization failed for user: (null). info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[1] Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. info: Microsoft.AspNetCore.Mvc.ChallengeResult[1] Executing ChallengeResult with authentication schemes (). Microsoft.AspNetCore.Mvc.ChallengeResult:Information: Executing ChallengeResult with authentication schemes (). info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware[12] AuthenticationScheme: Bearer was challenged. Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware:Information: AuthenticationScheme: Bearer was challenged. info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2] Executed action Sured.Api.Controllers.DashboardController.Get (Sured.Api) in 20.2369ms Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Executed action Sured.Api.Controllers.DashboardController.Get (Sured.Api) in 20.2369ms info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2] Request finished in 37.6488ms 401 问题 我一直在研究谷歌和搜索源代码,我根本无法解决这个问题. 谁能看到我在这里做错了什么? 为了更好地衡量,这是我项目中的所有依赖版本: <PackageReference Include="Microsoft.AspNetCore" Version="1.1.2" /> <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.3" /> <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" /> <PackageReference Include="Serilog" Version="2.5.0" /> <PackageReference Include="Serilog.Enrichers.Environment" Version="2.1.2" /> <PackageReference Include="Serilog.Extensions.Logging" Version="1.4.0" /> <PackageReference Include="Serilog.Settings.Configuration" Version="2.4.0" /> <PackageReference Include="Serilog.Sinks.ElasticSearch" Version="5.3.0" /> <PackageReference Include="Serilog.Sinks.RollingFile" Version="3.3.0" /> <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="1.1.2" /> 解决方法
看起来默认情况下已经添加了密钥.可能您可能需要将密钥添加到帖子中.
关键:授权价值:Bearer eyjhbGciOij … 这是必须在谷歌API帖子中允许安全连接.仪表板会自动添加此密钥. 资源:以前使用Google API的经验 (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
- asp.net – WebMethod未被Visual Studio 2013中的PageMetho
- 多线程异步编程示例和实践-Task
- asp.net-mvc – 升级到.Net 4.5和osFamily 3后无法启动Azur
- asp.net – 为什么IIS 7.5在重启后重新编译整个网站?
- 删除时jQGrid主键问题
- ASP.Net MVC C#另一个viewmodel中的两个viewmodel – 如何在
- 使用ASP.NET 5中的默认DI容器一次注册所有服务,类似于Autof
- asp.net-core – 从ASP.NET Core MVC Web应用程序(RC2)引用
- asp.net-core – 在Asp.Net Core中注入DbContext.具体类型还
- asp.net-mvc-3 – MVC3 AllowHtml属性的问题
- asp.net-mvc – 使用ServiceStack设计Web应用程序
- asp.net-mvc – 如何修复错误名称空间’System’
- asp.net-mvc – Razor模板,views和angular.js
- asp.net – 如何在asp中使用会话变量使用c#
- MVC ASP.NET – 手动授权某人并通过表单身份验证
- 从VS发布到Azure时无法更改目标运行时
- 采用Opserver来监控你的ASP.NET项目系列(二、监控
- asp.net-mvc – 域驱动的编程和事件
- asp.net – SQL Server 2005网络IO等待时间(ASYN
- asp.net-web-api – 从ASP.NET WebAPI 2中的头和