我正在构建一些blazor wasm,我在公司网络中有oauth服务,用于登录。我收到了一些带有用户数据负载的令牌,现在的问题是,我应该使用收到的相同令牌来调用wasm客户端的内部api吗?我应该如何配置它?
我现在有
builder.Services.AddAuthentication((options) =>
{
options.DefaultAuthenticateScheme = "JwtBearer";
options.DefaultChallengeScheme = "JwtBearer";
}).AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidateIssuer = false,
ValidateLifetime = true,
ValidateIssuerSigningKey = false,
};
});
但它返回401-无效密钥-为什么?我应该这样做吗?或者这是一种糟糕的方法?如果是的话,什么是好的?对于外部oauth+blazor wasm+服务器api?如果我只验证寿命,那么为什么是401?感谢并问候
在客户端:
public class CustomAuthorizationMessageHandler:AuthorizationMessageHandler
{
public CustomAuthorizationMessageHandler(IAccessTokenProvider provider, NavigationManager nav) : base(provider, nav)
{
ConfigureHandler(authorizedUrls: new[] { nav.BaseUri });
}
}
在程序.cs:中
builder.Services.AddScoped<CustomAuthorizationMessageHandler>();
builder.Services.AddHttpClient<IHttpService, HttpService>((serviceProvider, client) => {
client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress);
}).AddHttpMessageHandler<CustomAuthorizationMessageHandler>() ;
在API的程序中.cs:
builder.Services
.AddAuthentication("Bearer")
.AddJwtBearer("Bearer", options =>
{
options.Authority = "https://SAMEasOauthInClient";
options.TokenValidationParameters.ValidateAudience = false;
});
这是有效的。