Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationMiddleware警告:0:收到无效的承载令牌

时间:2019-02-22 11:36:49

标签: c# asp.net-web-api oauth-2.0 jwt asp.net-identity

每次用户尝试访问受保护的api端点时,我都会收到此警告。身份验证工作正常,用户似乎已通过身份验证,但我一直无法弄清为什么此错误持续发生。我正在未启用https / ssl 的 localhost开发服务器上运行此程序。我可能会错过一个不确定的步骤。我实现了令牌认证以及使用自定义提供程序刷新令牌。然后实现了用于生成令牌的自定义jwt格式。

  

这是应用程序输出日志中的警告:

     

Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationMiddleware   警告:0:收到无效的承载令牌

SimpleJWTFormat.cs :这指定了jwt令牌的格式

public class SimpleJwtFormat : ISecureDataFormat<AuthenticationTicket>
{

    private readonly string _issuer = string.Empty;

    public SimpleJwtFormat(string issuer)
    {
        _issuer = issuer;
    }

    public string Protect(AuthenticationTicket data)
    {
        if (data == null)
        {
            throw new ArgumentNullException("data");
        }

        string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];

        string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];
        var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);

        //var signingKey = new HmacSigningCredentials(keyByteArray);
        var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray);
        securityKey.KeyId = ConfigurationManager.AppSettings["as:AudienceId"];

        var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);

        var issued = data.Properties.IssuedUtc;

        var expires = data.Properties.ExpiresUtc;

        var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingCredentials);
        //token.SigningKey = securityKey;

        var handler = new JwtSecurityTokenHandler();

        var jwt = handler.WriteToken(token);
        return jwt;
    }

    public AuthenticationTicket Unprotect(string protectedText)
    {
        string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];
        string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];

        var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
        var signingKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray); 

        var tokenValidationParameters = new TokenValidationParameters
        {
            ValidAudience = audienceId,
            ValidIssuer = _issuer,
            IssuerSigningKey = signingKey,
            ValidateLifetime = true,
            ValidateAudience = true,
            ValidateIssuer = true,
            RequireSignedTokens = true,
            RequireExpirationTime = true,
            ValidateIssuerSigningKey = true
        };


        var handler = new JwtSecurityTokenHandler();
        SecurityToken token = null;

        // Unpack token
        var pt = handler.ReadToken(protectedText);
        string t = ((JwtSecurityToken)pt).RawData;

        var principal = handler.ValidateToken(t, tokenValidationParameters, out token);
        var identity = principal.Identities;

        return new AuthenticationTicket(identity.First(), new AuthenticationProperties());
    }
}

1 个答案:

答案 0 :(得分:0)

问题是我没有在Startup.cs文件中调用 app.UseOAuthBearerAuthentication 并指定自定义令牌格式。 

app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
{
  AccessTokenFormat = _tokenFormat
});
相关问题
最新问题