asp.net – UseJwtBearerAuthentication返回401

我正在使用Firebase iOS API生成JWT罚款,并且可以使用jwt.io的解析器确认结构是否符合预期和有效.

安装程序

我按照this article设置dotnet core来根据请求自动设置主体.

我的启动文件的配置方法如下所示,实际上< project-id>部分由项目应用程序替换(我可以确认它与我在解析的JWT中的aud属性相同,如jwt.io上所示)：

public void Configure(IApplicationBuilder app,IHostingEnvironment env,ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();
    loggerFactory.AddSerilog();

    app.UseJwtBearerAuthentication(new JwtBearerOptions
    {
        AutomaticAuthenticate = true,IncludeErrorDetails = true,Authority = "https://securetoken.google.com/<project-id>",TokenValidationParameters = new TokenValidationParameters
        {  
            ValidateIssuer = true,ValidIssuer = "https://securetoken.google.com/<project-id>",ValidateAudience = true,ValidAudience = "<project-id>",ValidateLifetime = true,},});

    app.UseMvc();
}

请求

我有一个控制器动作,我可以在网址http：// localhost：5000 / api / dashboard上点击,并在控制器上没有Authorize属性时获得预期的响应.然后我添加了Authorize属性,以便我可以开始测试JWT中间件.

我在Postman中创建了一个请求,如下图所示：

响应

如上图所示,响应是401 Unauthorized.

服务器登录我的调试输出看起来像这样.

info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
      Request starting HTTP/1.1 GET http://localhost:5000/api/dashboard  
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET http://localhost:5000/api/dashboard  
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
      Authorization failed for user: (null).
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:Information: Authorization failed for user: (null).
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[1]
      Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
      Executing ChallengeResult with authentication schemes ().
Microsoft.AspNetCore.Mvc.ChallengeResult:Information: Executing ChallengeResult with authentication schemes ().
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware[12]
      AuthenticationScheme: Bearer was challenged.
Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware:Information: AuthenticationScheme: Bearer was challenged.
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
      Executed action Sured.Api.Controllers.DashboardController.Get (Sured.Api) in 20.2369ms
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Executed action Sured.Api.Controllers.DashboardController.Get (Sured.Api) in 20.2369ms
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
      Request finished in 37.6488ms 401

问题

我一直在研究谷歌和搜索源代码,我根本无法解决这个问题.

谁能看到我在这里做错了什么？

为了更好地衡量,这是我项目中的所有依赖版本：

<PackageReference Include="Microsoft.AspNetCore" Version="1.1.2" />
<PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.3" />
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" />
<PackageReference Include="Serilog" Version="2.5.0" />
<PackageReference Include="Serilog.Enrichers.Environment" Version="2.1.2" />
<PackageReference Include="Serilog.Extensions.Logging" Version="1.4.0" />
<PackageReference Include="Serilog.Settings.Configuration" Version="2.4.0" />
<PackageReference Include="Serilog.Sinks.ElasticSearch" Version="5.3.0" />
<PackageReference Include="Serilog.Sinks.RollingFile" Version="3.3.0" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="1.1.2" />