我有一个简单的Blazor应用程序从模板。你可以在这里查看:https://blazorfun2.azurewebsites.net/。FetchData页面仅供授权用户使用,但当我授权时,我获得401 Unauthorized error
。在响应标头下,它显示了这个错误:
WWW-Authenticate: Bearer error="invalid_token", error_description="颁发者'https://blazorfun2.azurewebsites.net'是无效的">
可以用testmail@testmail.something
和Error#2
的密码进行测试。
本地主机没有此错误。
我正在使用Azure应用服务,Linux上的dotnet 5.0。
可以通过改变IssuerUri
(源)来解决,但我想这不是最好的选择。
//Main method in Program.cs in Client:
var builder = WebAssemblyHostBuilder.CreateDefault(args);
builder.RootComponents.Add<App>("#app");
builder.Services.AddHttpClient("BlazorPlaygroundFun.ServerAPI", client => client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))
.AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();
// Supply HttpClient instances that include access tokens when making requests to the server project
builder.Services.AddScoped(sp => sp.GetRequiredService<IHttpClientFactory>().CreateClient("BlazorPlaygroundFun.ServerAPI"));
builder.Services.AddApiAuthorization();
await builder.Build().RunAsync();
//startup.cs in server project:
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDatabaseDeveloperPageExceptionFilter();
services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddAuthentication()
.AddIdentityServerJwt();
services.AddControllersWithViews();
services.AddRazorPages();
怎么了?谢谢你!
登录成功后,呼叫
var token = await TokenProvider.GetTokenAsync();
方法获取JWT令牌。然后在Fetch Data中,在header中引入jwt令牌,这将解决您的问题。 详情请参阅相关文章 感谢enet的回答。 Blazor WebAssembly 401即使我被授权也未被授权