我正在开发一个带有.NET WebApi中间件的Xamarin Forms应用程序。
在Xamarin图层I执行ADAL登录,就像这样(iOS实现):
var authContext = new AuthenticationContext(authority + tenantId);
if (authContext.TokenCache.ReadItems().Any())
authContext = new AuthenticationContext(authContext.TokenCache.ReadItems().First().Authority);
var controller = GetVisibleViewController();
var uri = new Uri(returnUri);
var platformParams = new PlatformParameters(controller);
var authResult = await authContext.AcquireTokenAsync(resource,
clientId, uri, platformParams, UserIdentifier.AnyUser);
登录工作,我得到令牌,然后将其传递给WebAPI层,如下所示:
httpClient.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer",
authResult.AccessToken);
我的WebAPI层设置为接受jwt bearer auth:
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
Authority = Configuration["Authentication:AzureAd:AADInstance"]
+ Configuration["Authentication:AzureAd:TenantId"],
Audience = Configuration["Authentication:AzureAd:Audience"]
});
但是,当我使用[授权]向控制器发出请求时,我收到此错误:
2017-12-29 11:50:41.134 +00:00 [Information] Failed to validate the token "....".
Microsoft.IdentityModel.Tokens.SecurityTokenInvalidSignatureException: IDX10500: Signature validation failed. No security keys were provided to validate the signature.
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.<HandleAuthenticateAsync>d__1.MoveNext()
2017-12-29 11:50:41.149 +00:00 [Information] "Bearer" was not authenticated. Failure message: "IDX10500: Signature validation failed. No security keys were provided to validate the signature."
这个签名在谈什么? 是客户端还是中间件层的问题?