Error when trying to use JWT for ASP.NET Owin authentication



I have the following configuration:

    var oAuthServerOptions = new OAuthAuthorizationServerOptions()
    {
        AllowInsecureHttp = true,
        TokenEndpointPath = new PathString("/api/token"),
        AuthorizeEndpointPath = new PathString("/api/authorize_endpoint"),
        AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(int.Parse(ConfigurationManager.AppSettings["AccessTokenTimeSpanInMinutes"])),
        AuthorizationCodeExpireTimeSpan = TimeSpan.FromMinutes(5),
        Provider = new ApiAuthorizationServerProvider(userRepository, externalAppRepository),
        RefreshTokenProvider = new ApiRefreshTokenProvider(),
        AuthorizationCodeProvider = new ApiExternalAuthenticationTokenProvider(externalAppRepository)
    };
    // Token Generation
    app.UseOAuthAuthorizationServer(oAuthServerOptions);
    app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

I read somewhere that they added a JwtFormat object that I can use in the options by setting AccessTokenFormat, but when I do that, my options look like this:

    var oAuthServerOptions = new OAuthAuthorizationServerOptions()
    {
        AllowInsecureHttp = true,
        TokenEndpointPath = new PathString("/api/token"),
        AccessTokenFormat = new JwtFormat(new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes("secretkey")),
            ValidateLifetime = false,
            ValidateIssuer = false,
            ValidateAudience = false
        }),
        AuthorizeEndpointPath = new PathString("/api/authorize_endpoint"),
        AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(int.Parse(ConfigurationManager.AppSettings["AccessTokenTimeSpanInMinutes"])),
        AuthorizationCodeExpireTimeSpan = TimeSpan.FromMinutes(5),
        Provider = new ApiAuthorizationServerProvider(userRepository, externalAppRepository),
        RefreshTokenProvider = new ApiRefreshTokenProvider(),
        AuthorizationCodeProvider = new ApiExternalAuthenticationTokenProvider(externalAppRepository)
    };
    // Token Generation
    app.UseOAuthAuthorizationServer(oAuthServerOptions);
    app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

My OnGrantResourceOwnerCredentials method throws a MethodNotSupported exception.

StackTrace:

[NotSupportedException: Specified method is not supported.]
Microsoft.Owin.Security.Jwt.JwtFormat.Protect(AuthenticationTicket data) +40
Microsoft.Owin.Security.OAuth.<InvokeTokenEndpointAsync>d__8.MoveNext() +4143
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.Owin.Security.OAuth.<InvokeAsync>d__5.MoveNext() +1098
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.Owin.Security.Infrastructure.<Invoke>d__5.MoveNext() +517
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__5.MoveNext() +197
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<DoFinalWork>d__2.MoveNext() +184
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) +118
System.Web.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +510
System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +220
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +134

From what I can tell, the exception is thrown if the IssuingSecurityTokenProvider is not a SigningSecurityTokenProvider.

Can anyone shed some light on this?

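To generate a JWT token, the library needs to execute the Protect() method. However, Microsoft has not yet provided an implementation of the Protect() method (the error message says "Specified method is not supported"). It only provides an implementation of the Unprotect() method. You can verify this by peeking into the library with ILDASM.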

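Therefore, we cannot directly use AccessTokenFormat = new JwtFormat() to generate JWT tokens. That said, to generate a JWT token you need to write a custom class that implements the ISecureDataFormat interface. This interface provides two methods, Protect() and Unprotect(). To generate a JWT token, you only need to implement the Protect() method and use this class as the access token format.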

The link below explains well how to implement this class and how to use it.

https://bitoftech.net/2014/10/27/json-web-token-asp-net-web-api-2-jwt-owin-authorization-server/
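
A sketch of the custom format class the answer describes, added here as an example; it is not code from the post or from the linked article. The class name JwtIssuingFormat, its constructor parameters and the 32-byte key minimum are assumptions, and it targets the Microsoft.IdentityModel.Tokens 5.x types that the question's own code uses.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Owin.Security;

// Hypothetical class (name and constructor are assumptions, not library API).
// Implements only Protect(), which is what the token endpoint calls to issue a token.
public class JwtIssuingFormat : ISecureDataFormat<AuthenticationTicket>
{
    private readonly string _issuer;
    private readonly string _audience;
    private readonly SigningCredentials _credentials;

    public JwtIssuingFormat(string issuer, string audience, byte[] key)
    {
        // Reject short keys such as the literal "secretkey" (9 bytes):
        // HS256 is only as strong as the key, so require 256 bits of random data.
        if (key == null || key.Length < 32)
            throw new ArgumentException("HS256 key must be at least 32 random bytes.", nameof(key));

        _issuer = issuer ?? throw new ArgumentNullException(nameof(issuer));
        _audience = audience ?? throw new ArgumentNullException(nameof(audience));
        _credentials = new SigningCredentials(
            new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256);
    }

    public string Protect(AuthenticationTicket data)
    {
        if (data == null) throw new ArgumentNullException(nameof(data));

        // The OAuth middleware fills IssuedUtc/ExpiresUtc from AccessTokenExpireTimeSpan,
        // so the JWT carries the same lifetime as the ticket (nbf and exp claims).
        var token = new JwtSecurityToken(
            issuer: _issuer,
            audience: _audience,
            claims: data.Identity.Claims,
            notBefore: data.Properties.IssuedUtc?.UtcDateTime,
            expires: data.Properties.ExpiresUtc?.UtcDateTime,
            signingCredentials: _credentials);

        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    public AuthenticationTicket Unprotect(string protectedText)
    {
        // Validation is left to the JWT bearer middleware on the resource side.
        throw new NotSupportedException();
    }
}
```

Assign an instance to AccessTokenFormat in place of new JwtFormat(...), loading the key from protected configuration rather than a string literal. Because the issued token carries issuer, audience and expiry, the validating side can check all three.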
