Bearer error="invalid_token", error_description="The issuer is invalid"
Problem description
I have a simple web api project, which looks like this:
    [Authorize]
    [Route("Get")]
    public ActionResult<string> SayHello()
    {
        return "Hello World";
    }
I am trying to test it with Postman by following the steps here: https://kevinchalet.com/2016/07/13/creating-your-own-openid-connect-server-with-asos-testing-your-authorization-server-with-postman/
1) Send the request below and receive a token as expected:
2) Attempt to send another request with the authorization token as shown below:
Why do I get a 401 (Unauthorized) error? The WWW-Authenticate response header says: Bearer error="invalid_token", error_description="The issuer is invalid". I am using .NET Core 3.1. I have commented out the sensitive information in the screenshots.
The web api works as expected when accessed from an MVC application.
Here is the startup code:
    services.AddAuthentication("Bearer")
        .AddIdentityServerAuthentication(options =>
        {
            options.Authority = identityUrl; // identityUrl is a config item
            options.RequireHttpsMetadata = false;
            options.ApiName = apiName;
        });
The Authority of the AddIdentityServerAuthentication middleware should be the base address of your IdentityServer; the middleware will contact the identity server's OIDC metadata endpoint to get the public keys to validate the JWT token.
Please confirm that the Authority is the URL of the identity server where you issued the JWT token.
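One way to carry out that check, as an added example that is not part of the original question or answer: a Python diagnostic that reads the token's `iss` claim without verifying the signature and compares it with the `issuer` field of the discovery document served under the configured Authority. The token, host names and discovery document are constructed samples, and the helper names are hypothetical.

```python
import base64
import json


def discovery_url(authority: str) -> str:
    """OIDC discovery document location for a given Authority base address."""
    return authority.rstrip("/") + "/.well-known/openid-configuration"


def jwt_claims(token: str) -> dict:
    """Decode the JWT payload WITHOUT verifying the signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def issuer_problem(token: str, discovery: dict):
    """Return None when iss matches the advertised issuer, else a description."""
    iss = jwt_claims(token).get("iss")
    expected = discovery.get("issuer")
    if iss is None:
        return "token has no iss claim"
    if iss == expected:  # OIDC requires an exact match
        return None
    if iss.rstrip("/").lower() == str(expected).rstrip("/").lower():
        return f"near miss (case or trailing slash): iss={iss!r}, issuer={expected!r}"
    return f"token iss={iss!r} but the Authority advertises issuer={expected!r}"


def _b64url(obj) -> str:
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample: token obtained via localhost, API configured with another host name.
SAMPLE_TOKEN = ".".join([
    _b64url({"alg": "RS256", "typ": "JWT"}),
    _b64url({"iss": "http://localhost:5000", "aud": "api1"}),
    "c2lnbmF0dXJl",  # placeholder signature, never checked here
])
# Constructed stand-in for the JSON fetched from discovery_url(identityUrl).
SAMPLE_DISCOVERY = {"issuer": "http://identity.internal:5000"}

if __name__ == "__main__":
    print(discovery_url("http://identity.internal:5000/"))
    print(issuer_problem(SAMPLE_TOKEN, SAMPLE_DISCOVERY))
```

In a live check, replace `SAMPLE_DISCOVERY` with the JSON returned from the discovery URL of the API's configured Authority, and `SAMPLE_TOKEN` with the token Postman received.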