我正在尝试验证JWT令牌和请求标头传递的承载令牌。标题仅作为www-authenticate→Bearer给出响应。没有与发行人或其他任何相关的其他错误。除此之外,它响应401,因为它没有验证令牌。由于缺少标题信息,我无法得到与此错误有关的错误。
这是我的Startup.cs配置
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(jwtBearerOptions =>
{
jwtBearerOptions.TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = true,
ValidateActor = false,
ValidateAudience = false,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = Configuration["JwtIssuer"],
ValidAudience = Configuration["JwtExpireDays"],
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes
(Configuration["JwtKey"]))
};
});
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
services.AddMvc(config =>
{
config.Filters.Add(new AuthorizeFilter(policy));
//config.ModelBinderProviders.Insert(0, new BaseEntityModelBinderProvider());
})
令牌生成器 -
protected async Task<string> GenerateJwtToken(string email, IdentityUser user)
{
var claims = new List<Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.NameIdentifier, user.Id)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JwtKey"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expires = DateTime.Now.AddDays(Convert.ToDouble(_configuration["JwtExpireDays"]));
var token = new JwtSecurityToken(
_configuration["JwtIssuer"],
_configuration["JwtIssuer"],
claims,
expires: expires,
signingCredentials: creds
);
return new JwtSecurityTokenHandler().WriteToken(token);
}
在使用Bearer令牌请求客户端时,响应只是
请求标题
Authorization:Bearer <token>
回复标题 -
content-length →0
date →Thu, 08 Mar 2018 05:25:23 GMT
server →Kestrel
www-authenticate →Bearer
控制台信息 -
796ms
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 140.7756ms 401
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://localhost:50954/api/clinic application/json
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed for user: (null).
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
Executing ChallengeResult with authentication schemes ().
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[12]
AuthenticationScheme: Bearer was challenged.
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
Executed action eMedHat.SurveyPortal.Controllers.Api.ClinicApiController.GetClinics (eMedHat.SurveyPortal) in 73.5234ms
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 120.6734ms 401