覆盖的HandleUnauthorizedAsync不被称为.NET Core [英] Overriden HandleUnauthorizedAsync not being called .NET Core

问题描述

我已经实现了自己的自定义身份验证中间件和处理程序，并在应用程序启动时对其进行了配置.一切都很好.

I have implemented my own custom authentication middleware and handler, and configured them in the app startup. This is all working fine.

在我的自定义身份验证处理程序中，我重写了HandleAuthenticateAsync()来进行自己的自定义身份验证，我也重写了HandleUnauthorizedAsync()以便将用户重定向到登录页面，但这并未得到调用.

In my custom auth handler where I have overriden HandleAuthenticateAsync() to do my own custom auth, I have also overriden HandleUnauthorizedAsync() in order to redirect the user to the login page, but this isn't getting called.

浏览器在响应中收到401(未授权).我期望我的HandleUnauthorizedAsync()被调用.

The browser is receiving a 401 (Unauthorized) in the response. I was expecting my HandleUnauthorizedAsync() to be called.

我在这里对管道的理解不正确吗?

Am I not understanding the pipeline correctly here?

谢谢

推荐答案

未调用我的处理程序的原因是未将我的 AuthenticationScheme 选择为默认值.我必须将其包含在我的 Authorize 属性中，如下所示:

in my case the reason for my handler not being called was that my AuthenticationScheme wasn't selected as default. I had to include it in my Authorize attribute like this:

[HttpGet]
[Authorize(AuthenticationSchemes= "MyAuth")]
public IEnumerable<string> Get()
{
    ...
}

btw: AutomaticChallenge 选项似乎已在 .net core 2.0

btw: the AutomaticChallenge option seems to have been removed in .net core 2.0

这篇关于覆盖的HandleUnauthorizedAsync不被称为.NET Core的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！