c# - .net core 2.2 应用程序的 JWT 身份验证不使用身份
问题描述
我在这里关注这篇文章:https ://fullstackmark.com/post/13/jwt-authentication-with-aspnet-core-2-web-api-angular-5-net-core-identity-and-facebook-登录,我遇到了一个障碍,我的 JWT 不记名令牌没有授权我的用户。我得到一个有效的 JWT - 见截图:
我已经阅读了这篇文章的所有评论,其他一些评论由于各种原因得到了 401,但我已经满足了所有这些问题,它们不是我的。
想知道另一双眼睛是否有助于发现正在发生的事情。顺便说一句,我没有使用Identity
我的登录内容。我更喜欢为此使用我自己的表结构和登录机制,但我认为这不是我问题的根源。
这是我的 startup.cs 文件。有人在这里跳出来吗?不太确定下一步该去哪里。
public class Startup
{
private const string SecretKey = "iNivDmHLpUA223sqsfhqGbMRdRj1PVkH";
private readonly SymmetricSecurityKey _signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(SecretKey));
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
// In production, the Angular files will be served from this directory
services.AddSpaStaticFiles(configuration =>
{
configuration.RootPath = "ClientApp/dist";
});
services.AddDbContext<MyHomeBuilderContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("MyHomeBuilderContext"))
);
services.AddSingleton<IJwtFactory, JwtFactory>();
services.TryAddTransient<IHttpContextAccessor, HttpContextAccessor>();
// jwt wire up
// Get options from app settings
var jwtAppSettingOptions = Configuration.GetSection(nameof(JwtIssuerOptions));
// Configure JwtIssuerOptions
services.Configure<JwtIssuerOptions>(options =>
{
options.Issuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)];
options.Audience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)];
options.SigningCredentials = new SigningCredentials(_signingKey, SecurityAlgorithms.HmacSha256);
});
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)],
ValidateAudience = true,
ValidAudience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)],
ValidateIssuerSigningKey = true,
IssuerSigningKey = _signingKey,
RequireExpirationTime = false,
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(configureOptions =>
{
configureOptions.ClaimsIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)];
configureOptions.TokenValidationParameters = tokenValidationParameters;
configureOptions.SaveToken = true;
});
// api user claim policy
services.AddAuthorization(options =>
{
options.AddPolicy("ApiUser", policy => policy.RequireClaim(Constants.Strings.JwtClaimIdentifiers.Rol, Constants.Strings.JwtClaims.ApiAccess));
});
// map the email settings from appsettings.json so they can be pushed to the core project
services.Configure<EmailSettingsModel>(Configuration.GetSection("EmailSettings"))
.AddSingleton(jd => jd.GetRequiredService<IOptions<EmailSettingsModel>>().Value);
// map the push notification settings from appsettings.json so they can be pushed to the core project
services.Configure<PushSettingsModel>(Configuration.GetSection("VapidKeys"))
.AddSingleton(jd => jd.GetRequiredService<IOptions<PushSettingsModel>>().Value);
services.AddTransient<IEmailService, EmailService>();
services.AddTransient<IPushService, PushService>();
services.AddTransient<IUserRepository, UserRepositoryEFDatabase>();
services.AddTransient<IUserService, UserService>();
services.AddTransient<IAdapter<UserModel, User>, UserAdapter>();
services.AddTransient<IProjectRepository, ProjectRepositoryEFDatabase>();
services.AddTransient<IProjectService, ProjectService>();
services.AddTransient<IAdapter<ProjectModel, Project>, ProjectAdapter>();
services.AddTransient<IProjectFileBucketRepository, ProjectFileBucketRepositoryEFDatabase>();
services.AddTransient<IProjectFileBucketService, ProjectFileBucketService>();
services.AddTransient<IAdapter<ProjectFileBucketModel, ProjectFileBucket>, ProjectFileBucketAdapter>();
services.AddTransient<IProjectFileRepository, ProjectFileRepositoryEFDatabase>();
services.AddTransient<IProjectFileService, ProjectFileService>();
services.AddTransient<IAdapter<ProjectFileModel, ProjectFile>, ProjectFileAdapter>();
services.AddTransient<IDeviceRepository, DeviceRepositoryEFDatabase>();
services.AddTransient<IDeviceService, DeviceService>();
services.AddTransient<IAdapter<DeviceModel, Device>, DeviceAdapter>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseSpaStaticFiles();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller}/{action=Index}/{id?}");
});
app.UseAuthentication();
app.UseSpa(spa =>
{
// To learn more about options for serving an Angular SPA from ASP.NET Core,
// see https://go.microsoft.com/fwlink/?linkid=864501
spa.Options.SourcePath = "ClientApp";
if (env.IsDevelopment())
{
spa.UseAngularCliServer(npmScript: "start");
}
});
}
}
解决方案
我开辟了一个全新的项目,一步一步地经历了事情,找到了罪魁祸首。事实证明,实际上有两个。
1)在 VS 2019 中,您必须调试授权才能工作。对此并不超级兴奋。我更希望能够在应用程序运行时授权工作,但不一定要调试 - 如果有解决这个问题的方法,我很想听听。2)我在app.UseAuthentication()
下面有一些其他声明Configure()
,显然是为了问题 - 任何人都可以解释一下吗?
如果其他人遇到这个问题并且如果有人对我的问题有一些想法,我会留下这个 - 请求我很乐意接受教育:)
推荐阅读
- javascript - 在函数参数中传递用户定义的类型
- azure - 有没有办法在创建 Azure 容器实例时设置没有值的环境变量?
- azure - 在arm模板中传递除参数文件之外的其他参数
- angular - 如何根据条件禁用或阻止打开 wijmo 树节点?
- php - 通过php查找和替换字符串中的Img标签?
- angular - 一次处理多个观察者的角度
- c++ - 所有 Visual Studio 安装程序都会崩溃,并且 Visual 构建工具也无法工作
- ssl - JMeter JMS 采样器未附加客户端 SSL 证书(自签名证书)
- java - org.h2.jdbc.JdbcSQLException:SQL 语句中的语法错误“?= CALL PKG_DATA_INGESTION.F_GET_CONFIGURATION_COMPONENTS([*]?, ?)”;
- android - 触发多次TextEdit onTextChanged