AddJwtBearer OnAuthenticationFailed返回自定义错误 [英] AddJwtBearer OnAuthenticationFailed return custom error
问题描述
我正在使用 Openidict .
我试图返回带有自定义状态代码的自定义消息,但是我无法做到这一点.我在startup.cs
中的配置:
I am using Openidict.
I am trying to return custom message with custom status code, but I am unable to do it. My configuration in startup.cs
:
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(o =>
{
o.Authority = this.Configuration["Authentication:OpenIddict:Authority"];
o.Audience = "MyApp"; //Also in Auhorization.cs controller.
o.RequireHttpsMetadata = !this.Environment.IsDevelopment();
o.Events = new JwtBearerEvents()
{
OnAuthenticationFailed = context =>
{
context.Response.StatusCode = HttpStatusCodes.AuthenticationFailed;
context.Response.ContentType = "application/json";
var err = this.Environment.IsDevelopment() ? context.Exception.ToString() : "An error occurred processing your authentication.";
var result = JsonConvert.SerializeObject(new {err});
return context.Response.WriteAsync(result);
}
};
});
但是问题是没有内容返回. Chrome开发者工具报告
But the problem is no content is returned. Chrome developer tools report
(失败)
状态和
无法加载响应数据
Failed to load response data
以获取答复.
我也尝试过:
context.Response.WriteAsync(result).Wait();
return Task.CompletedTask;
但结果是相同的.
期望的行为:
我想返回自定义状态代码和错误消息.
Desired behaviour:
I would like to return custom status code with message what went wrong.
推荐答案
请务必注意,aspnet-contrib OAuth2验证和MSFT JWT处理程序会自动返回WWW-Authenticate
响应标头,其中包含错误代码/说明.返回401响应:
It's important to note that both the aspnet-contrib OAuth2 validation and the MSFT JWT handler automatically return a WWW-Authenticate
response header containing an error code/description when a 401 response is returned:
如果您认为标准行为不够方便,则可以使用事件模型来手动处理挑战.例如:
If you think the standard behavior is not convenient enough, you can use the events model to manually handle the challenge. E.g:
services.AddAuthentication()
.AddJwtBearer(options =>
{
options.Authority = "http://localhost:54540/";
options.Audience = "resource_server";
options.RequireHttpsMetadata = false;
options.Events = new JwtBearerEvents();
options.Events.OnChallenge = context =>
{
// Skip the default logic.
context.HandleResponse();
var payload = new JObject
{
["error"] = context.Error,
["error_description"] = context.ErrorDescription,
["error_uri"] = context.ErrorUri
};
return context.Response.WriteAsync(payload.ToString());
};
});
这篇关于AddJwtBearer OnAuthenticationFailed返回自定义错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!