Authentication AuthorizationHandlerContext中的声明在HandleRequirementAsync中为空
我有一个带有POST方法的Web API,如下所示:Authentication AuthorizationHandlerContext中的声明在HandleRequirementAsync中为空,authentication,.net-core,jwt,authorization,asp.net-core-webapi,Authentication,.net Core,Jwt,Authorization,Asp.net Core Webapi,我有一个带有POST方法的Web API,如下所示: [HttpPut] [Authorize("FeaturePolicy")] public IActionResult Put() { return Ok(); } public void ConfigureServices(IServiceCollection services) { services.AddMvc().SetCompatibilityVersion(CompatibilityVersi
[HttpPut]
[Authorize("FeaturePolicy")]
public IActionResult Put()
{
return Ok();
}
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
services.AddAuthentications();
services.AddAuthorization("FeaturePolicy", "featureId");
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseMvc();
app.UseAuthentication();
}
启动过程如下所示:
[HttpPut]
[Authorize("FeaturePolicy")]
public IActionResult Put()
{
return Ok();
}
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
services.AddAuthentications();
services.AddAuthorization("FeaturePolicy", "featureId");
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseMvc();
app.UseAuthentication();
}
我从邮递员处发送JWT令牌持有人作为邮件头。当我尝试从HandleRequirementAsync处理程序访问声明时,声明为空。处理程序如下所示:
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
FeatureRequirement requirement)
{
var identity = (ClaimsIdentity)context.User.Identity;
IEnumerable<Claim> claims = identity.Claims;
context.Succeed(requirement);
}
protected override Task HandleRequirementAsync(AuthorizationHandlerContext上下文,
特性(要求)
{
var identity=(ClaimsIdentity)context.User.identity;
IEnumerable claims=identity.claims;
成功(要求);
}
我做错什么了?请帮忙!谢谢。如果您没有成功获得身份验证,那么您的上下文中就不会有声明。我的意思是,你的问题是这个请求无法被验证。您的请求无权执行