Bearer error="invalid_token", error_description="The issuer is invalid"


Problem description


I have a simple web api project, which looks like this:

    [Authorize]
    [Route("Get")]
    public ActionResult<string> SayHello()
    {
        return "Hello World";
    }

I am trying to test it with Postman. By following the steps here: https://kevinchalet.com/2016/07/13/creating-your-own-openid-connect-server-with-asos-testing-your-authorization-server-with-postman/

1) Send the request below and receive a token as expected:

2) Attempt to send another request with the authorization token as shown below:

Why do I get a 401 (unauthorized) error? The WWW-Authenticate response header says: Bearer error="invalid_token", error_description="The issuer is invalid". I am using .Net Core 3.1. I have commented out the sensitive information in the screenshots.

The web api works as expected when accessed from an MVC application.

Here is the startup code:

    services.AddAuthentication("Bearer")
        .AddIdentityServerAuthentication(options =>
        {
            options.Authority = identityUrl; // identityUrl is a config item
            options.RequireHttpsMetadata = false;
            options.ApiName = apiName;
        });

Solution

The Authority of the AddIdentityServerAuthentication middleware should be the base address of your IdentityServer; the middleware will contact the identity server's OIDC metadata endpoint to get the public keys to validate the JWT token.

Please confirm that the Authority is the URL of the identity server where you issued the JWT token.
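
A quick way to check the point made in the answer, as an added example that is not part of the original question or answer: decode the `iss` claim of the token obtained in Postman and compare it with the `issuer` value published at the Authority's `/.well-known/openid-configuration`. The token, host names and helper names below are constructed for illustration, and the comparison assumes the validator matches issuer strings exactly.

```python
import base64
import json
from urllib.parse import urlsplit


def token_issuer(jwt: str) -> str:
    """Return the `iss` claim of a JWT WITHOUT verifying it (diagnostics only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if "iss" not in claims:
        raise ValueError("token has no iss claim")
    return claims["iss"]


def diagnose(jwt: str, expected_issuer: str) -> str:
    """Explain why the token's issuer does or does not equal the expected one."""
    iss = token_issuer(jwt)
    if iss == expected_issuer:
        return "match"
    a, b = urlsplit(iss), urlsplit(expected_issuer)
    if a.scheme != b.scheme:
        return f"scheme differs: {a.scheme} vs {b.scheme}"
    if a.netloc.lower() != b.netloc.lower():
        return f"host/port differs: {a.netloc} vs {b.netloc}"
    if a.path != b.path:
        same = a.path.rstrip("/") == b.path.rstrip("/")
        return "trailing slash differs" if same else f"path differs: {a.path} vs {b.path}"
    return "differs only in letter case or query/fragment"


def make_unsigned_token(claims: dict) -> str:
    """Build a constructed, unsigned sample token for the demo below."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


if __name__ == "__main__":
    # Constructed sample: token requested via localhost, API configured with another host.
    sample = make_unsigned_token({"iss": "http://localhost:5000", "aud": "api1"})
    print(diagnose(sample, "http://identity.example.internal:5000"))
```

The decoding here skips signature verification on purpose, so use it only to read the claim while debugging, never to accept a token.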
