我收到“此请求的授权已被拒绝".使用 OWIN oAuth 中间件时的错误消息(具有单独的身份验证和资源服务器) [英] I get "Authorization has been denied for this request." error message when using OWIN oAuth middleware (with separate Auth and Resource Server)
问题描述
我正在尝试分离我的身份验证和资源服务器.我正在遵循本教程中提供的示例:
I am attempting to decouple my auth and resource server. I am following the example provided in this tutorial:
这是我的身份验证服务器中的 Startup.cs 中的代码:
This is the code in my Startup.cs in my auth server:
using Microsoft.Owin;
using Microsoft.Owin.Security.OAuth;
using Owin;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace AuthServer.Web
{
public class xxxxx
{
public void Configuration(IAppBuilder app) {
ConfigureOAuth(app);
}
public void ConfigureOAuth(IAppBuilder app)
{
OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = new SimpleAuthorizationServerProvider()
};
// Token Generation
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
}
这是我的资源服务器(即我的示例 Web api 应用程序)中的 startup.cs:
This is the startup.cs in my resource server (i.e. my sample Web api application):
using Microsoft.Owin.Security.OAuth;
using Owin;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace AuthTestApi.Web
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
}
}
}
当我向 oken"发布以下请求时我的身份验证服务器的端点我成功地收到了一个令牌:
When I post the following request to the " oken" endpoint of my auth server I sucessfully receive a token:
{
access_token: "PszrzJUtQUhX42GMryWjZiVHuKiJ9yCVH_1tZURumtC5mTj2tpuRDF3tXcN_VNIYuXY40IG0K7W3KASfJ9DlNIU2jMOkL2U5oEAXLNRRQuNYdEJ7dMPb14nW19JIaM4BMk00xfQ8MFRw0p6-uoh0-e-Q6iAiTwDNN3F7bYMF9qm874qhLWEcOt6dWQgwpdDUVPDi7F07-Ck0zAs48Dg5w4q93vDpFaQMrziJg9aaxN8",
token_type: "bearer",
expires_in: 86399
}
当我向我的控制器发布以下请求时,我收到此请求的授权已被拒绝";错误信息?
When I post the following request to my controller I receive the "Authorization has been denied for this request" error message?
GET /api/Test HTTP/1.1
Host: localhost:63305
Accept: application/json
Content-Type: application/json
Authorization: Bearer PszrzJUtQUhX42GMryWjZiVHuKiJ9yCVH_1tZURumtC5mTj2tpuRDF3tXcN_VNIYuXY40IG0K7W3KASfJ9DlNIU2jMOkL2U5oEAXLNRRQuNYdEJ7dMPb14nW19JIaM4BMk00xfQ8MFRw0p6-uoh0-e-Q6iAiTwDNN3F7bYMF9qm874qhLWEcOt6dWQgwpdDUVPDi7F07-Ck0zAs48Dg5w4q93vDpFaQMrziJg9aaxN8
Cache-Control: no-cache
Postman-Token: aeca8515-70b1-ef2c-f317-bf66136dccab
我的身份验证服务器和资源/Web api 项目采用不同的解决方案,并在不同的端口上运行(...不确定这是否重要,但我认为我提到了).
My auth server and resource / web api projects are in different solutions and are running on different ports (...not sure if that matters but thought Id mention it).
此时这两个项目正在使用 oAuth OWIN 中间件(并且几乎没有自定义代码).中间件有点像黑盒,只是需要一些帮助来找出我收到此错误消息的原因.
At this point these 2 projects are making use of oAuth OWIN middleware (and has very little custom code). The middleware is blackbox somewhat and just need some assistance in figuring out why I am receiving this error message.
另请注意,我在两个 Visual Studio 2013 Web 应用程序项目中运行两台服务器,这些项目位于在不同端口上运行的不同 VS 2013 解决方案中.我不确定这是否重要,但我想我会提到它.
提前致谢.
推荐答案
我在过去几天面临完全相同的问题,虽然我在同一台机器(不同端口)上托管两个应用程序但它没有工作无需在两个 web.config 文件中添加机器密钥,并且确保在两个应用程序中安装了相同的软件包版本号
I was facing exactly the same problem in the last couple of days, although I host both application on the same machine (different ports) but it didn't work without adding machine key both web.config files and make sure that the same packages version number installed in both applications
这篇关于我收到“此请求的授权已被拒绝".使用 OWIN oAuth 中间件时的错误消息(具有单独的身份验证和资源服务器)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
