我有 3 个不同的项目
为了制作一个安全的网络应用程序,我决定使用身份服务器。我的身份配置如下
public static class Config
{
public static IEnumerable<IdentityResource> IdentityResources =>
new IdentityResource[]
{
new IdentityResources.OpenId(),
new IdentityResources.Profile()
};
public static IEnumerable<ApiResource> ApiResources =>
new ApiResource[]
{
new ApiResource(name: "web-api-rms", displayName: "Web API RMS")
};
public static IEnumerable<ApiScope> ApiScopes =>
new ApiScope[]
{
new ApiScope("web-rms"),
new ApiScope("web-api-rms"),
};
public static IEnumerable<Client> Clients =>
new Client[]
{
new Client
{
ClientId = "web-rms",
ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) },
AllowedGrantTypes = GrantTypes.Code,
RedirectUris = { "http://localhost:1901/signin-oidc" },
FrontChannelLogoutUri = "http://localhost:1901/signout-oidc",
PostLogoutRedirectUris = { "http://localhost:1901/signout-callback-oidc" },
AllowOfflineAccess = true,
AllowedScopes = { "openid", "profile", "web-rms", "web-api-rms" }
}
};
}
}
我的 API 服务器配置如下
services.AddAuthentication("Bearer")
.AddJwtBearer("Bearer", options =>
{
options.Authority = "https://localhost:5001/";
options.RequireHttpsMetadata = true;
options.Audience = "web-api-rms";
});
现在的问题是,当我尝试使用不记名令牌访问 API 时,它总是向我返回未经授权的 401 我该如何解决??