小贝子编程

401在每个CRUD.net框架API上



所以我有一个项目,它是一个.net框架api和一个有角度的前端。

我最近添加了OWIN JWT身份验证,但似乎我所做的任何操作都会返回401错误。我尝试了100种解决方案,但都没有成功。

当我登录时,JWT会相应地传递到前端。

我的启动.cs

using System;
using System.Text;
using Microsoft.Owin.Security.Jwt;
using Microsoft.Owin.Security;
using Microsoft.IdentityModel.Tokens;
using System.Threading.Tasks;
using System.Web.Configuration;
using Microsoft.Owin;
using Owin;
[assembly: OwinStartup(typeof(AgriLogBackend.Startup))]
namespace AgriLogBackend
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseJwtBearerAuthentication(
new JwtBearerAuthenticationOptions
{
AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active,
TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateIssuerSigningKey = true,


IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("GuessThePassword----"))
}
});
}
}
}

我的控制器具有[授权]属性。

我确实把正确的JWT交还给了管制员,但似乎没有授权。

非常感谢任何帮助

在angular中,我使用了这样一个帖子:

const ops = {     // <<<<<< Initialize header with token
headers: new HttpHeaders({

'Authorization': 'Bearer ' + localStorage.getItem("jwtToken")
})
};
return this.http.get<types>(this.baseURL + "EquipmentTypes/" + localStorage.getItem("currentFarm"),ops);

在c#:中创建令牌

public IHttpActionResult Login(User user)
{
var finduser = db.Users.Where(x => x.User_Email == user.User_Email).FirstOrDefault();
var encPass = encrypt(user.User_Password);
if (finduser != null && finduser.User_Password == encPass)
{
var claims = new[]
{
new Claim(ClaimTypes.Name,finduser.User_ID.ToString())

};
var keytoReturn = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_key));
var Credentials = new SigningCredentials(keytoReturn, SecurityAlgorithms.HmacSha512Signature);
var descriptorToken = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = Credentials
};
var Handler = new JwtSecurityTokenHandler();
var userToken = Handler.CreateToken(descriptorToken);
return Ok
(new
{
Token = Handler.WriteToken(userToken)
}
);
}
return Unauthorized();
}

您这样设置TokenValidationParameters

TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("GuessThePassword----"))
}

其告诉JwtBearerAuthentication中间件检查每个令牌的有效发布者和受众声明(令牌中的issaud(。

由于您在创建令牌期间没有添加这两个声明,因此验证将失败。您的选择是关闭选项:

ValidateIssuer = false,
ValidateAudience = false,

以便不执行这些检查,或者在创建令牌时为它们添加适当的声明:

var descriptorToken = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = Credentials
TokenIssuerName = "YourIssuer",                // add your issuer here
AppliesToAddress = "YourAudience",             // add your audience here
};
var Handler = new JwtSecurityTokenHandler();
var userToken = Handler.CreateToken(descriptorToken);

SecurityTokenDescriptor 的参考

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium