我的JWT未通过验证,因为发行人的声明失败了,我也不知道为什么 创建令牌看起来像这样:
var key = Encoding.UTF8.GetBytes(_config["JWT:Secret"]);
var signingCredentials = new SigningCredentials(
new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature);
var token = new JwtSecurityToken(
issuer: _config["JWT:Issuer"],
claims: claims,
notBefore: DateTime.Now,
expires: DateTime.Now.AddMinutes(20),
signingCredentials: signingCredentials
);
在我的Startup.cs文件中,我按如下方式验证令牌:
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
{
options.IncludeErrorDetails = true;
options.RequireHttpsMetadata = false;
options.ClaimsIssuer = Configuration["JWT:Issuer"];
options.TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(Configuration["JWT:Secret"])),
// works when set to false
ValidateIssuer = true,
ValidateAudience = false,
ValidateLifetime = true
};
});
那我为什么会收到这个错误:
bearer error =“ invalid_token”,error_description =“发行人'LoggerApp'无效”
注意:_config和Configuration是相同的依赖项
答案 0 :(得分:0)
您应设置ValidIssuer的{{1}}属性,以确保发行人验证有效:
TokenValidationParameters