JWT authentication with Blazor 0.9.0 and ASP.NET Core 3 preview 4

Time: 2019-04-23 04:10:27

Tags: c# jwt blazor

I followed this tutorial: https://medium.com/@st.mas29/microsoft-blazor-web-api-with-jwt-authentication-part-1-f33a44abab9d (written for .NET Core 2.2).

This is my Startup class:

    public class Startup
    {
        // This method gets called by the runtime. Use this method to add services to the container.
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        public IConfiguration Configuration { get; }
        public Startup (IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public void ConfigureServices(IServiceCollection services)
        {
            services.AddMvc().AddNewtonsoftJson();
            //services.AddMvcCore().AddAuthorization().AddNewtonsoftJson();

            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,
                    ValidateAudience = true,
                    ValidateLifetime = true,
                    ValidateIssuerSigningKey = true,
                    ValidIssuer = Configuration["Jwt:Issuer"],
                    ValidAudience = Configuration["Jwt:Audience"],
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:Key"]))
                };
            });

            services.AddResponseCompression(opts =>
            {
                opts.MimeTypes = ResponseCompressionDefaults.MimeTypes.Concat(
                    new[] { "application/octet-stream" });
            });

        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            app.UseResponseCompression();

            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseBlazorDebugging();
            }

            app.UseAuthentication();
            //app.UseAuthorization();

            app.UseRouting();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapDefaultControllerRoute();
            });

            app.UseBlazor<Client.Startup>();
        }
    }

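I also added [Authorize] to the API controller SampleDataController.

I expected (according to the post) to get a 401 (Unauthorized) error when accessing the data; instead, I get a complaint about missing authorization middleware.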


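If I add app.UseAuthorization() (uncomment the line), the application works without any errors and retrieves the data as if the client were authorized.

What do I need to do to get a 401 when accessing the data?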

3 answers:

Answer 0: (score: 3)

Place app.UseAuthentication() and app.UseAuthorization() after app.UseRouting():

    app.UseRouting();
    app.UseAuthentication();
    app.UseAuthorization();
    app.UseEndpoints(routes =>
    {
        routes.MapDefaultControllerRoute();
    });

Answer 1: (score: 0)

I think you missed this in the ConfigureServices method:

    services.AddTransient<IJwtTokenService, JwtTokenService>();

See here: https://github.com/StuwiiDev/DotnetCoreJwtAuthentication/blob/master/JwtAuthentication.Server/Startup.cs

JwtTokenService should be defined in your server application. I guess its responsibility is to create the token, etc.

Hope this helps...

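Answer 2: (score: 0)

If you send a request with an authorization token and server authorization is not set up in the Startup.cs file, the API returns the error message "<Called method> contains authorization metadata, but a middleware was not found that supports authorization..."

The fix is to add the following lines to the Startup.cs file, between app.UseRouting() and app.UseEndpoints(...):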

            app.UseRouting();

            //AUTHORIZING
            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapRazorPages();
                endpoints.MapControllers();
                endpoints.MapFallbackToFile("index.html");
            });
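
The ordering given in answers 0 and 2, shown together with a regression check for the 401 the question asks about (an added example, not code from the question or the answers). It assumes the release ASP.NET Core 3.x APIs and the Microsoft.AspNetCore.Authentication.JwtBearer, Microsoft.AspNetCore.TestHost and xunit packages; ProbeController, OrderedStartup and the issuer, audience and key values are constructed for illustration.

```csharp
using System.Net;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.TestHost;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;
using Xunit;

[ApiController, Route("api/[controller]"), Authorize] // hypothetical stand-in for SampleDataController
public class ProbeController : ControllerBase { [HttpGet] public string Get() => "protected data"; }

public class OrderedStartup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddControllers();
        services.AddAuthorization();
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(o => o.TokenValidationParameters = new TokenValidationParameters
            {
                ValidIssuer = "https://issuer.example",   // constructed value
                ValidAudience = "https://api.example",    // constructed value
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("constructed-test-key-0123456789abcdef"))
            });
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();        // selects the endpoint, exposing its [Authorize] metadata
        app.UseAuthentication(); // sets HttpContext.User from a valid bearer token, if any
        app.UseAuthorization();  // enforces the metadata; no authenticated user => 401 challenge
        app.UseEndpoints(endpoints => endpoints.MapControllers());
    }
}

public class AnonymousAccessTests
{
    [Fact] public async Task Request_without_token_is_rejected_with_401()
    {
        using var server = new TestServer(new WebHostBuilder().UseStartup<OrderedStartup>());
        var response = await server.CreateClient().GetAsync("/api/probe");
        Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
    }
}
```

Keeping a test like this in the server's test project catches a later reordering of the pipeline that would let [Authorize] endpoints answer without a token.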