基于令牌的邮递员认证

时间:2017-08-27 21:13:31

标签: postman asp.net-core-webapi asp.net-core-2.0

我正在尝试使用Postman使用身份验证令牌发送请求。我可以成功登录并获取令牌。之后,当我尝试向Authenticate方法发送请求时,它会返回401 - Unauthorized。

  

在错误定义中,它表示“签名无效”。

我如何发送登录请求:

Login Request

登录邮递员后返回的内容:

{
    "state": 1,
    "msg": null,
    "data": {
        "requestAt": "2017-08-27T23:44:18.1397478+03:00",
        "expiresIn": 2400,
        "tokenType": "Bearer",
        "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InVzZXIxIiwiSUQiOiIxMTYwYzg1YS0yMmVkLTQ2N2YtYThjNC05NTk4NmMyNTcyMGYiLCJuYmYiOjE1MDM4NjY2NjAsImV4cCI6MTUwMzg2OTA1OCwiaWF0IjoxNTAzODY2NjYwLCJpc3MiOiJNeUlzc3VlciIsImF1ZCI6Ik15QXVkaWVuY2UifQ.m9q84OVsei19_3zdDSZMfGDsNqotBr6L6xf1e5aJq9OmTE5ZfqJ9k2l84cbMuge4qvABxId_h7QUZT0pI_vqEqohTfhaF2kDloqXEWawN0LTDUdeJt6xqT3W9AWmvmnDFrehM6HOeStNGKqG8955OHnwHyEiYn6AIaqg4Sm6I87xk1C5aBhyfkV6-We-Wfj0W4NSg7_2LOIF6TApsnV8VF34PB5VATER9-g-dVUE0E_q4UmLFYD6lkudAXbA4Oa3iTXJKhLCL4NhacBXYXGN-ZyGwX64F7dWPw_mI8Q_AHpHkSrb4m5pscvgvo0leGRGVmuWuCP__rAZpw1EnLmTiQ"
    }
}

这是我在登录方法后请求的方法:

[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
[HttpGet]
public IActionResult GetUserInfo()
{
   var claimsIdentity = User.Identity as ClaimsIdentity;
   return Json(new RequestResult
   {
      State = RequestState.Success,
      Data = new { UserName = claimsIdentity.Name }
   });
}

这就是我向GetUserInfo方法发送请求的方式:

Get request

最后是我的TokenAuthOptions类:

public class TokenAuthOption
{
    public static string Audience { get; } = "MyAudience";
    public static string Issuer { get; } = "MyIssuer";
    public static RsaSecurityKey Key { get; } = new RsaSecurityKey(RSAKeyHelper.GenerateKey());
    public static SigningCredentials SigningCredentials { get; } = new SigningCredentials(Key, SecurityAlgorithms.RsaSha256Signature);
    public static TimeSpan ExpiresSpan { get; } = TimeSpan.FromMinutes(40);
    public static string TokenType { get; } = "Bearer"; 
}

0 个答案:

没有答案
相关问题
最新问题