c# - 尝试对 ASP.NET Core 3.1 使用多个身份验证方案时出现异常
问题描述
我正在尝试使用 ASP.NET Core 3.1 添加多个身份验证方案,并在尝试向服务器发送不记名令牌时遇到此问题:
System.InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action<AuthenticationOptions> configureOptions).
at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties)
at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.CspMiddleware.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
以下是相关代码:
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer("Custom", options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = true;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = key,
ValidateAudience = false,
ValidateIssuer = false
};
})
.AddJwtBearer("Keycloak", options =>
{
options.Authority = "http://localhost:8080/auth/realms/test";
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = key,
ValidateAudience = false,
ValidateIssuer = false
};
});
services.AddAuthorization(options =>
{
var authorizationPolicy = new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme, "Custom", "Keycloak")
.RequireAuthenticatedUser().Build();
options.AddPolicy("Bearer", authorizationPolicy);
});
任何人都能够看到我在这里做错了什么?如果我只使用一个,这两种方案都可以单独工作。
解决方案
我找到了解决方案。
我需要添加
[Authorize(AuthenticationSchemes = "Custom, Keycloak")]
在我的基本控制器中。
推荐阅读
- javascript - 如何从另一个浏览器访问浏览器 JavaScript API
- ssl - 无法在 python2.6 中使用 PIP 更新/添加任何包
- dynamics-crm - 汇总字段十进制抛出错误
- pdf - 是否可以将fabricjs svg输出转换为pdf而不进行光栅化?
- python - PyCharm 在未选中检查时会出现代码兼容性错误
- swift - 设置语言环境时UIDatePicker错误的时间位置
- r - 根据共享值合并两个数据框
- ios - UIImagePickerController 显示带有灰色背景的专辑列表行
- json - 如何修复 json 中的换行错误:非法未引用字符 ... 必须使用反斜杠进行转义
- mongodb - 引用集合的归档而不是集合 mongodb