将Web API身份验证从.NET Core 1.1迁移到2.0 [英] Migrating web api authentication from .NET Core 1.1 to 2.0
问题描述
我正在尝试将旧的身份验证转换为.NET 2.0.我有以下代码:
I'm trying to convert my old authentication to .NET 2.0. I had the following code:
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
AutomaticAuthenticate = true,
IncludeErrorDetails = true,
Authority = "https://securetoken.google.com/xxxxx",
TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = "https://securetoken.google.com/xxxxxx",
ValidateAudience = true,
ValidAudience = "xxxx",
ValidateLifetime = true,
},
});
我的新代码如下:
public void Configure(...)
{
...
app.UseAuthentication();
...
}
public void ConfigureServices(IServiceCollection services)
{
...
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.RequireHttpsMetadata = false;
options.IncludeErrorDetails = true;
options.Authority = "https://securetoken.google.com/xxxxxx";
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = "https://securetoken.google.com/xxxxx",
ValidateAudience = true,
ValidAudience = "xxxxxx",
ValidateLifetime = true,
};
});
...
services.AddMvc();
services.AddAuthorization(......);
}
但是在2.0中,我得到了404响应.如果我从端点删除[Authorize]
属性,它将起作用.我的输出窗口显示如下:
But in 2.0 I'm getting a 404 response. If I remove the [Authorize]
attribute from my endpoint, it works. My output window shows this:
Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求 开始HTTP/1.1 GET http://localhost:62423/api/users/info
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:信息: 用户授权失败:(空). Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:信息: 过滤器中的请求授权失败 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. Microsoft.AspNetCore.Mvc.ChallengeResult:信息:正在执行 带有身份验证方案()的ChallengeResult.
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET http://localhost:62423/api/users/info
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:Information: Authorization failed for user: (null). Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. Microsoft.AspNetCore.Mvc.ChallengeResult:Information: Executing ChallengeResult with authentication schemes ().
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler:信息:
AuthenticationScheme:Identity.Application已受到挑战.
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:信息:
已执行的动作
SORTE.API.ContentManager.Controllers.UsersController.Info
(SORTE.API.ContentManager)在24.0837毫秒内
Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求
于35.2446毫秒完成302
Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求
开始HTTP/1.1 GET
http://localhost:62423/Account/Login?ReturnUrl =%2Fapi% 2Fusers%2Finfo
Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求
在5.8149ms内完成404
Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler:Information:
AuthenticationScheme: Identity.Application was challenged.
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information:
Executed action
SORTE.API.ContentManager.Controllers.UsersController.Info
(SORTE.API.ContentManager) in 24.0837ms
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request
finished in 35.2446ms 302
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request
starting HTTP/1.1 GET
http://localhost:62423/Account/Login?ReturnUrl=%2Fapi%2Fusers%2Finfo
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request
finished in 5.8149ms 404
由于日志错误,似乎正在尝试将我重定向到/Account/Login
,但是我没有这样的终结点,我的项目是Web API.
From the log errors, it seems that it's trying to redirect me to /Account/Login
, but I don't have such endpoint, my project is a Web API.
我缺少一些配置吗?
推荐答案
直到我阅读此.
当我们使用Authorize属性时,默认情况下它实际上绑定到第一个身份验证系统.
When we use the Authorize attribute, it actually binds to the first authentication system by default.
解决方案是指定要使用的方案(JwtBearer):
The solution was especify wich scheme to use (JwtBearer):
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Policy = "PoliceName")]
现在我可以获得状态200(带有有效令牌)和401(未经授权-无效令牌)
Now i can get status 200 (with valid token) and 401 (unauthorized - invalid token)
这篇关于将Web API身份验证从.NET Core 1.1迁移到2.0的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!