c# - IDX10500:签名验证失败。没有提供安全密钥来验证签名
问题描述
我有以下代码,当我调用 api 端点时出现错误Bearer was not authenticated. Failure message: IDX10500: Signature validation failed. No security keys were provided to validate the signature.
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(cfg =>
{
cfg.RequireHttpsMetadata = false;
cfg.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidateIssuer = false,
ValidateIssuerSigningKey = false
};
});
如果我正在设置,为什么会发生这种情况ValidateIssuerSigningKey=false
?
解决方案
请参考线程:https ://github.com/aspnet/Security/issues/1741
您可以将委托 TokenValidationParameters.SignatureValidator 设置为仅返回 JwtSecurityToken。
目前您不能只设置ValidateIssuerSigningKey
为 false 来跳过签名验证。作为一种解决方法,您可以将委托 TokenValidationParameters.SignatureValidator 设置为只返回一个 JwtSecurityToken :
ValidateIssuerSigningKey = false,
SignatureValidator = delegate (string token, TokenValidationParameters parameters)
{
var jwt = new JwtSecurityToken(token);
return jwt;
},