.NET Core 2.0中使用身份的角色授权抛出404

时间:2018-06-28 13:16:13

标签: asp.net-identity asp.net-core-2.0 user-roles

我有带有身份的.Net Core WebApi应用程序。使用JWT进行授权的效果很好,但是在添加基于角色的授权后,[Authorize(Roles =“ Admin”)]引发404。 我的GenerateJwtToken方法是:

Cannot invoke an object which is possibly 'undefined'
Startup.cs中的

ConfigureService如下:

private async Task<object> GenerateJwtToken(string login, IdentityUser user)
    {
        var claims = new List<Claim>
        {
            new Claim(JwtRegisteredClaimNames.Sub, login),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim(ClaimTypes.NameIdentifier, user.Id)
        };

        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetSection("JWTSettings:SecretKey").Value));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

        var iss = _configuration.GetSection("JWTSettings:Issuer").Value;

        var token = new JwtSecurityToken(
            issuer: _configuration.GetSection("JWTSettings:Issuer").Value,
            audience: _configuration.GetSection("JWTSettings:Audience").Value,
            claims: claims, 
            signingCredentials: creds
            );

        return new JwtSecurityTokenHandler().WriteToken(token);
    }

当我测试UserManager是否获取有关用户和控制器角色的信息时,它是否正常运行:

 public void ConfigureServices(IServiceCollection services)
    {
        services.AddDbContext<PaszoDbContext>(options =>
            options.UseSqlite("Data Source=PaszoDataBase.db"));


        services.AddIdentity<IdentityPaszoUser, IdentityRole>(o => {
            o.Password.RequireDigit = false;
            o.Password.RequiredLength = 1;
            o.Password.RequireLowercase = false;
            o.Password.RequireUppercase = false;
            o.Password.RequireNonAlphanumeric = false;

        })
            .AddEntityFrameworkStores<PaszoDbContext>()
            .AddDefaultTokenProviders();


        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); // => remove default claims
        services
            .AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;

            })
            .AddJwtBearer(options =>
            {
                options.RequireHttpsMetadata = false;
                options.SaveToken = true;
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("JWTSettings:SecretKey").Value)),
                    ValidateIssuer = true,
                    ValidIssuer = Configuration.GetSection("JWTSettings:Issuer").Value,
                    ValidateAudience = true,
                    ValidAudience = Configuration.GetSection("JWTSettings:Audience").Value,
                    ValidateLifetime = false,

                };
            });
        services.AddMvc();
    }

要进行哪些更改才能使其正常工作?

0 个答案:

没有答案
相关问题
最新问题