邮递员无法获得通过JWT进行授权呼叫的任何响应 [英] Postman could not get any response making authorized call with a JWT
问题描述
我已经在.NET Core中建立了一个简单的API,使用由Identity Server 4精心组织的JWT保护它.当我访问属性为 [Authorize] 的端点时,得到的响应是预期的(401未经授权).被注释掉,它返回实际的数据,就像所支持的那样.
I've set up a simple API in .NET Core protecting it using JWT orchestrated by Identity Server 4. When I access an endpoint attributed [Authorize], I get the response as expected (401 Unauthorized). Commented out, it returns the actual data, just as suppsed to.
现在,当添加带有键 Authorization 和值 Bearer XXX 的标头时,其中XXX是我获得的令牌,我立即收到一条错误消息,指出
Now, when added the header with key Authorization and value Bearer XXX, where XXX is my obtained token, I get an immediate error message saying that
无法得到任何回应
Could not get any response
接着是关于做什么的四个建议.我关闭了SSL证书,并且不需要代理,因为所有操作都在基本设置中本地运行.超时无关(设置为0并立即发生错误).
followed by four suggestions on what to do. I turned off the SSL cert and the proxy isn't needed as everything's run locally in a basic setup. The timeout isn't relevant (set to 0 and the error occurs immediately).
这给我留下了* backend的抽象选项,无法正常工作.我没有做任何特别的事情,只是遵循IS网站上提供的指南.我对错误的直接性感到惊讶,我的印象是我在Postman中做的事情不太聪明.此外,IS的控制台对错误一无所获,这进一步加剧了我对与此无关的问题的怀疑.
It leaves me with the abstract option of *backend not working properly. I haven't done anything special, simply following the guide provided at IS's site. My impression, supprted by the immediateness of the error is that I've done something less bright in Postman. ALso, the console of the IS says nothing about errors, which furthermore strenghtens my suspition of the issue being with unrelated to it.
我试图在URL下面的选项卡上设置不同的授权.每次通话的结果相同.我检查了 hosts 文件,它看起来像这样
I tried to set different authorizations on the tab below URL. Same result for each call. I checked the hosts file and it looks like this
127.0.0.1本地主机
127.0.0.1 localhost
我已确保这篇文章.我尝试将键 Content-type 设置为 application/json 等.如建议的此处.我检查了是否没有冲突的环境变量,如此处所示.等等-基本上我找到的任何信息,文章和提示.
I've made sure there's no line break at the end of the pasted-in token as suggested by this article. I've tried setting key Content-type to application/json et.al. like suggested here. I've checked that I don't have colliding environmental variables like shown here. Etc. - basically any info, article and hint I've found.
在此阶段,我对如何解决此问题一无所知,而且我还没有找到新的Google关键字.
At this stage, I'm out of ideas on how to troubleshoot the issue and I'm dry on new keywords to google for.
可能是什么原因,该怎么做,至少,在哪里我可以从中获得更多关于如何进行的灵感?
What might be the cause, what can be done about it and, at least, where can I get more inspiration on how to proceed?
推荐答案
为缩小此问题,请检查令牌是否有效以及令牌是否被正确复制,将请求中发送的令牌与原始令牌进行比较.
For narrowing down this issue, check whether the token is validate and whether the token is copied correctly, compare the token sent from request and the original token.
这篇关于邮递员无法获得通过JWT进行授权呼叫的任何响应的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
