小贝子编程

Asp.net 6授权.我有能力向客户发送JWT,但当我尝试访问我的端点时,我会得到401.非常困惑



我正在尝试使用JWT令牌解锁我的端点(控制器(,该令牌在用户登录时发送给他们。目前,注册和登录工作正常,并向用户发送JWT令牌。然而,当我使用邮递员或我的移动应用程序将JWT发送到API时,我会收到401未经授权的错误。我正在使用Asp.net 6 web API。我已经添加了我的身份验证控制器和程序.cs。我在appsettings.json中有JWT密钥,还有颁发者和受众。我确信我的错误在我的程序中.cs

AuthController

using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using VelocityNetAPI.Models;
using System.Security.Cryptography;
using System.Security.Claims;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using VelocityNetAPI.Data;
using Microsoft.AspNetCore.Authorization;
namespace VelocityNetAPI.Controllers
{

[Route("api/[controller]")]
[ApiController]
public class AuthController : ControllerBase
{
public static User user = new User();
private readonly IConfiguration configuration;
private readonly VelocityNetAPIContext context;
public AuthController(IConfiguration configuration, VelocityNetAPIContext context)
{
this.configuration = configuration;
this.context = context;
}
[HttpPost("Register")]
public async Task<ActionResult<User>> Register(UserDto request)
{
CreatePasswordHash(request.Password, out byte[] passwordHash, out byte[] passwordSalt);
user.Name = request.Username;
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.Role = "User";
context.User.Add(user);
await context.SaveChangesAsync();
return Ok(user);
}
[HttpPost("Login")]
public async Task<ActionResult<string>> Login(UserDto request)
{
//search for user
var user = context.User.FirstOrDefault(u => u.Name == request.Username);
if (user == null)
{
return BadRequest("User not found");
}
if(!VerifyPasswordHash(request.Password, user.PasswordHash, user.PasswordSalt))
{
return BadRequest("Wrong Password");
}
string token = CreateToken(user);
return Ok(token);
}

private string CreateToken(User user)
{
List<Claim> claims = new List<Claim>
{
new Claim(ClaimTypes.Name, user.Name),
new Claim(ClaimTypes.Role, user.Role),
};
var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(configuration["Jwt:key"]));
var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512);
var token = new JwtSecurityToken(
claims: claims,
expires: DateTime.Now.AddDays(1),
signingCredentials: cred);
var jwt = new JwtSecurityTokenHandler().WriteToken(token);
return jwt;
}
private void CreatePasswordHash(String password, out byte[] passwordHash, out byte[] passwordSalt)
{
using (HMACSHA512 hmac = new HMACSHA512())
{
passwordSalt = hmac.Key;
passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
}
}
private bool VerifyPasswordHash(string password, byte[] passwordHash, byte[] passwordSalt)
{
using (HMACSHA512 hmac = new HMACSHA512(passwordSalt))
{
var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
return computedHash.SequenceEqual(passwordHash);
}
}
}
}

程序.cs

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Identity.Web;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection;
using VelocityNetAPI.Data;
using Microsoft.IdentityModel.Tokens;
using System.Configuration;
using Swashbuckle.AspNetCore.SwaggerGen;
using Microsoft.OpenApi.Models;
using Microsoft.AspNetCore.Authorization;
using System.Text;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddDbContext<VelocityNetAPIContext>(options =>

options.UseSqlServer(builder.Configuration.GetConnectionString("VelocityNetAPIContext")));
var conf = builder.Configuration;
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x =>
{
x.RequireHttpsMetadata = true;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = conf["Jwt:Issuer"].ToString(),
ValidAudience = conf["Jwt:Audience"].ToString(),
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(conf["Jwt:Key"]))
};
});
//Configuration.GetSection("AppSettings:Token").Value)
builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();

如果你需要更多信息,请告诉我为大家欢呼

您将ValidateIssuerValidateAudience设置为true。但在您的CreateToken方法中,您不使用IssuerAudience来生成令牌。

您可以更改CreateToken方法,如下所示:

var token = new JwtSecurityToken(configuration["Jwt:Issuer"],
configuration["Jwt:Audience"],
claims: claims,
expires: DateTime.Now.AddDays(1),
signingCredentials: cred);

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium