.NET Core 2.2 / WebApi2 / Auth:InvalidOperationException:未指定authenticationScheme,并且未找到DefaultChallengeScheme

时间:2019-05-22 17:58:19

标签: asp.net-web-api2 .net-core-2.2

我正在尝试在 WebApi2 的操作(action)上使用授权特性(attribute),并在某些情况下返回 403。但是,出现以下异常:

InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.

但是,403和消息仍在响应中返回。

这是我的代码:

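/// <summary>
/// Authorization handler for <see cref="ValidCertificateRequirement"/>.
/// As written it never calls <c>context.Succeed</c>: every evaluation of the requirement
/// ends in <c>context.Fail()</c>, and a 403 status with the text "Invalid certificate"
/// is queued on the response when the resource is an MVC filter context.
/// </summary>
public class ValidCertificateHandler : AuthorizationHandler<ValidCertificateRequirement>
{
    /// <summary>
    /// Evaluates the requirement. No certificate is inspected in this method; it is a
    /// deny-all placeholder.
    /// </summary>
    /// <param name="context">Authorization context; its Resource is read to reach the HTTP response.</param>
    /// <param name="requirement">The requirement being evaluated (not read here).</param>
    /// <returns>A completed task.</returns>
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ValidCertificateRequirement requirement)
    {
        // NOTE(review): the success path is still missing. When it is added, call
        // context.Succeed(requirement) only after the client certificate has actually been
        // validated (for example the one exposed on HttpContext.Connection.ClientCertificate),
        // and keep Fail() as the outcome for every other case so the policy stays fail-closed.

        // Pattern match instead of a hard cast: a resource of any other type (or null) no longer
        // throws InvalidCastException; the request is simply denied below.
        if (context.Resource is AuthorizationFilterContext filterContext)
        {
            var response = filterContext.HttpContext.Response;
            var message = Encoding.UTF8.GetBytes("Invalid certificate");

            // Registered to run when the response starts, so the status code and body are applied
            // to whatever response the pipeline ends up sending.
            // NOTE(review): presumably this is why the 403 and message still reach the client even
            // though the InvalidOperationException is raised - confirm. Writing the response from an
            // authorization handler also bypasses the framework's own forbid/challenge handling.
            response.OnStarting(async () =>
            {
                response.StatusCode = (int)HttpStatusCode.Forbidden;
                await response.Body.WriteAsync(message, 0, message.Length);
            });
        }

        context.Fail();
        return Task.CompletedTask;
    }
}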

    /// <summary>
    /// Test controller exposing one GET action protected by the "ValidateCertificate" policy.
    /// </summary>
    [ApiController]
    public class TestAuthController : ControllerBase
    {
        /// <summary>
        /// Builds a 200 response message whose reason phrase is "TestAuth()".
        /// </summary>
        /// <returns>The constructed <see cref="HttpResponseMessage"/>.</returns>
        // NOTE(review): in ASP.NET Core MVC a returned HttpResponseMessage is, as far as can be
        // told from here, formatted like any other object rather than used as the HTTP response -
        // confirm before relying on the status code or reason phrase set below.
        [HttpGet]
        [Route("TestAuth")]
        [Authorize(Policy = "ValidateCertificate")]
        public HttpResponseMessage TestAuth()
        {
            var reply = new HttpResponseMessage(HttpStatusCode.OK);
            reply.ReasonPhrase = "TestAuth()";
            return reply;
        }
    }

/// <summary>
/// Application bootstrap: registers MVC, the "ValidateCertificate" authorization policy and
/// its handler, and the IIS default authentication scheme, then builds the request pipeline.
/// </summary>
public class Startup
{
    /// <summary>Stores the supplied configuration.</summary>
    /// <param name="configuration">Application configuration.</param>
    public Startup(IConfiguration configuration) => Configuration = configuration;

    /// <summary>Configuration captured by the constructor.</summary>
    public IConfiguration Configuration { get; }

    /// <summary>
    /// Called by the runtime to add services to the container.
    /// </summary>
    /// <param name="services">The service collection to populate.</param>
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

        // The policy consists of a single requirement; ValidCertificateHandler decides it.
        services.AddAuthorization(authorization =>
            authorization.AddPolicy(
                "ValidateCertificate",
                builder => builder.Requirements.Add(new ValidCertificateRequirement())));

        services.AddSingleton<IAuthorizationHandler, ValidCertificateHandler>();

        // NOTE(review): this names the IIS scheme as the default, but nothing in this class
        // registers a handler for it; presumably the host's IIS integration does. Verify that
        // in the environment where the exception occurs, because the framework needs a usable
        // scheme to challenge/forbid after an authorization failure.
        services.AddAuthentication(IISDefaults.AuthenticationScheme);
    }

    /// <summary>
    /// Called by the runtime to configure the HTTP request pipeline.
    /// </summary>
    /// <param name="app">Pipeline builder.</param>
    /// <param name="env">Hosting environment, used to enable the developer exception page.</param>
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        // Detailed exception pages are limited to the Development environment.
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        // NOTE(review): there is no app.UseAuthentication() before UseMvc() in this pipeline;
        // confirm whether that is intentional.
        app.UseMvc();
    }
}

/// <summary>
/// Marker requirement with no members. It carries no data of its own; the decision for it is
/// made entirely by the handler registered for this type.
/// </summary>
public class ValidCertificateRequirement : IAuthorizationRequirement
{
}

0 个答案:

没有答案