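Adding authentication using an external token

Time: 2020-03-04 16:15:55

Tags: c# asp.net-core token

I am getting an access_token from an external API (another application), but I cannot use this token to authenticate/authorize my API. Here is where I get the token: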

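    // Namespaces used: System.Net.Http, System.Text, System.Threading.Tasks,
    // Microsoft.AspNetCore.Mvc, Newtonsoft.Json, Newtonsoft.Json.Linq
    [HttpPost("/authorize/user")]
    public async Task<IActionResult> Post([FromBody] LoginDTO login)
    {
        LoginDTO data = new LoginDTO
        {
            Email = login.Email,
            Password = login.Password
        };

        // Serialization is synchronous and cheap; no Task.Run is needed.
        var stringPayload = JsonConvert.SerializeObject(data);

        var httpContent = new StringContent(stringPayload, Encoding.UTF8, "application/json");

        using (var client = new HttpClient())
        {
            // "myrul" is the placeholder used in the post for the external API's base address.
            client.BaseAddress = new Uri("myrul");

            // Await the call instead of blocking on .Result inside an async action.
            var response = await client.PostAsync("auth/login", httpContent);

            // Check the status first, so an error body is never parsed as a token response.
            if (!response.IsSuccessStatusCode)
                return BadRequest();

            var payload = JObject.Parse(await response.Content.ReadAsStringAsync())["token"];

            var access_token = payload.Value<string>("access_token");
            var refresh_token = payload.Value<string>("refresh_token");
            var expires_in = payload.Value<string>("expires_in");

            return Ok(access_token);
        }
    }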

And startup.cs:

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(x =>
        {
            x.SaveToken = true;
            x.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes("012345678901234567890123456789ab")),
                ValidateIssuer = false,
                ValidateAudience = false,
                RequireExpirationTime = false,
                ValidateLifetime = true
            };
        });

The API I need to authorize:

    [HttpGet]
    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
    public IEnumerable<string> Get()
    {
        return new string[] { "value1", "value2" };
    }

But the problem is always 401 Unauthorized:

postman pic
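An added example, not part of the original post: the JwtBearer handler accepts a token only if its signature verifies against the configured `IssuerSigningKey`, so a token signed by another application with a different key is rejected, which surfaces as 401. The external key, the claim and the class name below are constructed, and that the external API signs with its own key is an assumption about the poster's setup.

```csharp
// Added example (not the poster's code). Needs the System.IdentityModel.Tokens.Jwt package.
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

public static class ExternalTokenCheck
{
    // Key configured in the Startup.cs shown in the post.
    const string ApiKey = "012345678901234567890123456789ab";
    // Constructed stand-in for the external API's signing key (assumption).
    const string ExternalKey = "constructed-external-issuer-key!";

    static SymmetricSecurityKey Key(string s) => new SymmetricSecurityKey(Encoding.ASCII.GetBytes(s));

    // Issues an HS256 token the way a hypothetical external issuer might.
    static string Issue(string signingKey)
    {
        var handler = new JwtSecurityTokenHandler();
        var descriptor = new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(new[] { new Claim("sub", "user@example.test") }),
            Expires = DateTime.UtcNow.AddMinutes(5),
            SigningCredentials = new SigningCredentials(Key(signingKey), SecurityAlgorithms.HmacSha256)
        };
        return handler.WriteToken(handler.CreateToken(descriptor));
    }

    // Validates with the same parameters as the AddJwtBearer call in the post.
    static string Validate(string jwt, string validationKey)
    {
        var parameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true, IssuerSigningKey = Key(validationKey),
            ValidateIssuer = false, ValidateAudience = false,
            RequireExpirationTime = false, ValidateLifetime = true
        };
        try { new JwtSecurityTokenHandler().ValidateToken(jwt, parameters, out _); return "valid"; }
        catch (SecurityTokenException ex) { return "rejected: " + ex.GetType().Name; }
    }

    public static void Main()
    {
        string token = Issue(ExternalKey);
        Console.WriteLine("API key:      " + Validate(token, ApiKey));      // key the API trusts
        Console.WriteLine("external key: " + Validate(token, ExternalKey)); // key that signed it
    }
}
```

Inside the ASP.NET Core application, the same validation exception can be inspected by handling `JwtBearerEvents.OnAuthenticationFailed` in the `AddJwtBearer` options.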

0 answers:

No answers