我像这样配置了我的OWIN启动类:
public class Startup
{
public void Configuration(IAppBuilder app)
{
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=316888
app.UseActiveDirectoryFederationServicesBearerAuthentication(
new ActiveDirectoryFederationServicesBearerAuthenticationOptions
{
MetadataEndpoint = ConfigurationManager.AppSettings["ida:AdfsMetadataEndpoint"],
TokenValidationParameters = new TokenValidationParameters()
{
ValidAudience = ConfigurationManager.AppSettings["ida:Audience"],
ValidIssuer = ConfigurationManager.AppSettings["ida:Issuer"]
}
}
);
}
}
Global.asax.cs:
public class WebApiApplication : HttpApplication
{
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
GlobalConfiguration.Configure(WebApiConfig.Register);
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
}
}
我的控制器:
[RoutePrefix("v1/onboarding")]
public class OnboardingController : ApiController
{
[Route("client")]
[HttpGet]
public HttpResponseMessage CreateClient([FromUri] string CIFID)
{
return new HttpResponseMessage(HttpStatusCode.Created);
}
}
但是当我使用邮递员调用没有承载令牌的GET/客户端时,调用继续进行并且我得到201响应状态。
如果我不提供不记名令牌,它应该触发一个403 Not Authorized状态码,对吗?
为控制器添加[authorization]属性。