Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/.net/20.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Linux容器.Net Core 2.2上的JWT签名无效_.net_Asp.net Core_Openshift_Jwt Auth - Fatal编程技术网
Fatal编程技术网
  • .net/
  • Linux容器.Net Core 2.2上的JWT签名无效

Linux容器.Net Core 2.2上的JWT签名无效

.net asp.net-core openshift

Linux容器.Net Core 2.2上的JWT签名无效,.net,asp.net-core,openshift,jwt-auth,.net,Asp.net Core,Openshift,Jwt Auth,我一直致力于实现基于JWT承载的身份验证。我正在尝试从身份验证服务器JWKS URL获取公钥,并将其加载到JsonWebKeySet。以下是我的ConfigureServices类代码: public void ConfigureServices(IServiceCollection services) { services.AddCors(o=> { o.AddPolicy("AllowAnyOrigin", b=> b.AllowAnyOrigin

我一直致力于实现基于JWT承载的身份验证。我正在尝试从身份验证服务器JWKS URL获取公钥,并将其加载到JsonWebKeySet。以下是我的ConfigureServices类代码:

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddCors(o=> { o.AddPolicy("AllowAnyOrigin", b=> b.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader()); });
        services.Configure<MvcOptions>(o => { o.Filters.Add(new CorsAuthorizationFilterFactory("AllowAnyOrigin")); });
        var p = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();
        services.AddMvc(o=> {
            o.Filters.Add(new AuthorizeFilter(p));
        }).SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

        // configure strongly typed settings objects
        var appSettingsSection = Configuration.GetSection("AppSettings");
        services.Configure<AppSettings>(appSettingsSection);

        // configure jwt authentication
        var appSettings = appSettingsSection.Get<AppSettings>();
        //var key = Encoding.ASCII.GetBytes(appSettings.Secret);

        //Call Auth service URL to get public keys
        var jwksJson = Helpers.GetKeyAsync(appSettings.jwksURL).GetAwaiter().GetResult();

        //load keys from JWKS
        var jwks = new JsonWebKeySet(jwksJson);

        var issuerSigningKeys = jwks.Keys.ToList();

        services.AddAuthentication(x =>
        {
            x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(x =>
        {
            x.RequireHttpsMetadata = false;
            x.SaveToken = true;
            x.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKeys = issuerSigningKeys,
                //IssuerSigningKey = new SymmetricSecurityKey(key),
                ValidateIssuer = false,
                ValidateAudience = false
            };
        });

        // configure DI for application services
        services.AddScoped<IUserService, UserService>();
    }
当我在本地机器(iisexpress)上用我的角度前端和邮递员运行API时,这段代码工作得非常好。然而,当我将这段代码部署到基于Openshift的Linux容器时,我总是收到401错误,说“签名无效”。我在本地和Openshift容器上使用相同的令牌进行身份验证。想知道是否是基于Linux的容器导致了这个问题。

您是否找到了解决方案?我也在努力解决同样的问题:令牌验证在本地(Windows、Kestrel)运行良好,但在CentOS和Ubuntu(也是Kestrel)上,它表示签名无效。感谢您的帮助!你有没有找到解决办法?我也在努力解决同样的问题:令牌验证在本地(Windows、Kestrel)运行良好,但在CentOS和Ubuntu(也是Kestrel)上,它表示签名无效。感谢您的帮助! 
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        app.UseCors("AllowAnyOrigin");
        app.UseAuthentication();
        app.UseMvc();
    }