.net core 虚张声势授权持有人不发送
我在dotnet core 3.1 web api项目中使用了Swagger Swashback,在向请求调用发送承载授权时遇到了麻烦。 我已经在我的.net core 虚张声势授权持有人不发送,.net-core,authorization,swagger,asp.net-core-webapi,bearer-token,.net Core,Authorization,Swagger,Asp.net Core Webapi,Bearer Token,我在dotnet core 3.1 web api项目中使用了Swagger Swashback,在向请求调用发送承载授权时遇到了麻烦。 我已经在我的ConfigureServices方法中定义了这一点: services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new OpenApiInfo() { Title = "MyApi", Version = "v1" });
ConfigureServices services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo() { Title = "MyApi", Version = "v1" });
// Set the comments path for the Swagger JSON and UI.
var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
c.IncludeXmlComments(xmlPath);
c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Type = SecuritySchemeType.OAuth2,
Flows = new OpenApiOAuthFlows()
{
Password = new OpenApiOAuthFlow()
{
TokenUrl = new Uri("/api/Account/Login", UriKind.Relative),
}
},
In = ParameterLocation.Header,
Name = "Authorization",
Scheme = "Bearer",
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement()
{
{
new OpenApiSecurityScheme()
{
Reference = new OpenApiReference()
{
Type = ReferenceType.SecurityScheme,
Id = "Bearer"
},
Scheme = "Bearer",
Type = SecuritySchemeType.Http,
Name = "Bearer",
In = ParameterLocation.Header
}, new List<string>()
}
});
});
我的定义有什么问题?在cURL请求中,您可以看到:-H“Authorization:bearneundefined”。 这意味着,当Swagger UI尝试获取将添加到请求头的令牌时,找不到该令牌 那么,令牌来自何处,为什么Swagger UI找不到它?令牌来自登录端点返回的json(/api/Account/login) 您必须确保从登录端点返回的json与OAuth密码流的预期格式相同,如第4.1.4节(访问令牌响应)所述 必须从登录端点返回如下json响应:
{
"access_token":"2YotnFZFEjr1zCsicMWpAA",
"token_type":"bearer"
}
{
"accessToken":"2YotnFZFEjr1zCsicMWpAA",
"tokenType":"bearer"
}
{
"access_token":"2YotnFZFEjr1zCsicMWpAA",
"token_type":"bearer"
}
{
"accessToken":"2YotnFZFEjr1zCsicMWpAA",
"tokenType":"bearer"
}
[JsonPropertyName("access_token")]
[JsonProperty(PropertyName = "access_token")]
public string AccessToken { get; set; }
请参阅,它向您展示了正确的方法。在cURL请求中,您可以看到:-H“Authorization:Bearer undefined”。 这意味着,当Swagger UI尝试获取将添加到请求头的令牌时,找不到该令牌 那么,令牌来自何处,为什么Swagger UI找不到它?令牌来自登录端点返回的json(/api/Account/login) 您必须确保从登录端点返回的json与OAuth密码流的预期格式相同,如第4.1.4节(访问令牌响应)所述 必须从登录端点返回如下json响应:
{
"access_token":"2YotnFZFEjr1zCsicMWpAA",
"token_type":"bearer"
}
{
"accessToken":"2YotnFZFEjr1zCsicMWpAA",
"tokenType":"bearer"
}
{
"access_token":"2YotnFZFEjr1zCsicMWpAA",
"token_type":"bearer"
}
{
"accessToken":"2YotnFZFEjr1zCsicMWpAA",
"tokenType":"bearer"
}
[JsonPropertyName("access_token")]
[JsonProperty(PropertyName = "access_token")]
public string AccessToken { get; set; }
请参阅,它向您展示了正确的操作方法。那么,当您呼叫您的服务时,您的承载令牌没有从报头中的客户端发送?这不是你的服务的问题,而是你的客户的问题。@tomredfern是的,客户是狂妄自大的。狂妄自大不支持你试图做的事情。请改用类似postman的方法。很可能,
AddSecurityRequestsecuritySchemessecurityAddSecurityRequestsecuritySchemessecurity