使用System.IdentityModel.Tokens.Jwt从1.1迁移到2.0后，JWTAuthentication无法在ASP.NET Core 2.0中工作-5.1.4更新 [英] JWTAuthentication not working in asp.net core 2.0 after migrate from 1.1 to 2.0 with System.IdentityModel.Tokens.Jwt - 5.1.4 update

问题描述

错误

错误CS0619'JwtBearerAppBuilderExtensions.UseJwtBearerAuthentication(IApplicationBuilder，JwtBearerOptions)'已过时:'请参见 https ://go.microsoft.com/fwlink/?linkid = 845470 '

Error CS0619 'JwtBearerAppBuilderExtensions.UseJwtBearerAuthentication(IApplicationBuilder, JwtBearerOptions)' is obsolete: 'See https://go.microsoft.com/fwlink/?linkid=845470'

这是JWT身份验证的代码

Here is the code for the JWT authentication

app.UseJwtBearerAuthentication(new JwtBearerOptions
            {
                TokenValidationParameters = new TokenValidationParameters
                {
                    IssuerSigningKey = key,
                    ValidAudience = tokenOptions.Audience,
                    ValidIssuer = tokenOptions.Issuer,

                    // When receiving a token, check that it is still valid.
                    ValidateLifetime = true,

                    // This defines the maximum allowable clock skew - i.e. provides a tolerance on the token expiry time 
                    // when validating the lifetime. As we're creating the tokens locally and validating them on the same 
                    // machines which should have synchronised time, this can be set to zero. Where external tokens are
                    // used, some leeway here could be useful.
                    ClockSkew = TimeSpan.FromMinutes(0)
                }
            });

相同的代码在asp.net core 1.1 I上运行良好，刚刚从core 1.1迁移到core 2.0，并将System.IdentityModel.Tokens.Jwt(5.1.1)更新为(5.1.4)

The same code was working fine in asp.net core 1.1 I, have just migrate from core 1.1 to core 2.0 and updated the System.IdentityModel.Tokens.Jwt(5.1.1) to (5.1.4)

ConfigureServices

RSAParameters keyParams = RsaKeyUtils.GetRandomKey();
            key = new RsaSecurityKey(keyParams);
            tokenOptions = new TokenAuthOptions()
            {
                Audience = TokenAudience,
                Issuer = TokenIssuer,
                SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.RsaSha256Signature)
            };
            services.AddSingleton<TokenAuthOptions>(tokenOptions);
            services.AddAuthorization(auth =>
            {
                auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
                    .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme‌​)
                    .RequireAuthenticatedUser().Build());
            });

我尝试过在此问题中发布的解决方案在点网核心中进行身份验证Preview-2.0 .但是该解决方案无法正常工作，因为 IServiceCollection不包含AddJwtBearerAuthentication的定义

I tried the solution posted in this question Authentication in dot net core preview-2.0 . But the solution is not working getting an error as IServiceCollection doesn't contain the definition for AddJwtBearerAuthentication

试图实施 https://github.com/aspnet/Security/blob/c5b566ed4abffac4cd7011e0465e012cf503c871/samples/JwtBearerSample/Startup.cs#L47-L53 https://github.com/IdentityServer/IdentityServer4/issues/1055 https ://blogs.msdn.microsoft.com/webdev/2017/04/06/jwt-validation-and-authorization-in-asp-net-core/

500内部服务器错误.

500 internal server error.

相同的代码在asp.net core 1.1上运行良好.升级到2.0时会发生此问题.

The same code was working perfectly on asp.net core 1.1. When upgrade to 2.0 the issue occur.

请任何人让我知道如何解决此问题.

Please anyone let me know how can I resolve this issue.

推荐答案

在ASP.NET Core 2.0中，添加Jwt承载身份验证的方法已更改.请参阅样本的最新版本链接.

The method for adding Jwt Bearer Authentication has changed in ASP.NET Core 2.0. See the latest version of the sample you linked.

您需要将Jwt Bearer Authentication进程注册为服务而不是中间件组件.请参见ConfigureServices中的相关代码:

You need to register the Jwt Bearer Authentication process as a service, rather than a middleware component. See the relevant code in ConfigureServices:

services.AddAuthentication(...)
    .AddJwtBearer(...);

在ConfigureServices中尝试:

services.AddAuthentication()
    .AddJwtBearer(jwt =>
    {
        jwt.TokenValidationParameters = new TokenValidationParameters
        {
            IssuerSigningKey = key,
            ValidAudience = tokenOptions.Audience,
            ValidIssuer = tokenOptions.Issuer,

            // When receiving a token, check that it is still valid.
            ValidateLifetime = true,

            // This defines the maximum allowable clock skew - i.e. provides a tolerance on the token expiry time
            // when validating the lifetime. As we're creating the tokens locally and validating them on the same
            // machines which should have synchronised time, this can be set to zero. Where external tokens are
            // used, some leeway here could be useful.
            ClockSkew = TimeSpan.FromMinutes(0)
        };
     });

services.AddAuthorization(auth =>
{
     auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder(JwtBearerDefaults.AuthenticationScheme)
             .RequireAuthenticatedUser()
             .Build());
});

并确保您在Configure中具有此名称:

And make sure you have this in Configure:

app.UseAuthentication();

由于我无法针对您的情况进行测试，因此很有可能第一次无法使用.当您包括由此而来的更多信息时，请务必明确.

As I can't test this against your scenario, there's every chance it won't work first time. Be sure to be specific when you include any further information that comes from this.

这篇关于使用System.IdentityModel.Tokens.Jwt从1.1迁移到2.0后，JWTAuthentication无法在ASP.NET Core 2.0中工作-5.1.4更新的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！