Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/asp.net-core/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Authorization 策略要求引发的Authorize属性:未接受以下身份验证方案_Authorization_Asp.net Core_Asp.net Core Mvc - Fatal编程技术网
Fatal编程技术网
  • authorization/
  • Authorization 策略要求引发的Authorize属性:未接受以下身份验证方案

Authorization 策略要求引发的Authorize属性:未接受以下身份验证方案

asp.net-core asp.net-core-mvc

Authorization 策略要求引发的Authorize属性:未接受以下身份验证方案,authorization,asp.net-core,asp.net-core-mvc,Authorization,Asp.net Core,Asp.net Core Mvc,我有这个简单的政策要求设置。我假设它应该返回401,但它却抛出了一个异常 Startup.cs public class Startup { public Startup(IHostingEnvironment env) { } public void ConfigureServices(IServiceCollection services) { services.ConfigureAuthorization(options =>

我有这个简单的政策要求设置。我假设它应该返回401,但它却抛出了一个异常

Startup.cs

public class Startup
{
    public Startup(IHostingEnvironment env)
    {
    }

    public void ConfigureServices(IServiceCollection services)
    {
        services.ConfigureAuthorization(options =>
        {
            var policyBuilder = new AuthorizationPolicyBuilder();                
            policyBuilder.AddRequirements(new MyPolicyRequirement());
            options.AddPolicy("MyPolicy", policyBuilder.Build());
        });
        services.AddMvc();            
    }

    // Configure is called after ConfigureServices is called.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        //app.UseErrorPage();            
        app.UseStaticFiles();            
        app.UseMvc();           
    }
}

public class MyPolicyRequirement : AuthorizationHandler<MyPolicyRequirement>, IAuthorizationRequirement
{
    protected override void Handle(AuthorizationContext context, MyPolicyRequirement requirement)
    {            
        if (!context.User.HasClaim(c => c.Type == "yes"))
        {
            context.Fail();
            return;
        }

        context.Succeed(requirement);                 
    }
}

[Route("api/[controller]")]
public class ValuesController : Controller
{
    [Authorize(Policy = "MyPolicy")]
    [HttpGet]
    public IEnumerable<string> Get()
    {
        return new string[] { "value1", "value2" };
    }        
}
MyPolicyRequirement.cs

public class Startup
{
    public Startup(IHostingEnvironment env)
    {
    }

    public void ConfigureServices(IServiceCollection services)
    {
        services.ConfigureAuthorization(options =>
        {
            var policyBuilder = new AuthorizationPolicyBuilder();                
            policyBuilder.AddRequirements(new MyPolicyRequirement());
            options.AddPolicy("MyPolicy", policyBuilder.Build());
        });
        services.AddMvc();            
    }

    // Configure is called after ConfigureServices is called.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        //app.UseErrorPage();            
        app.UseStaticFiles();            
        app.UseMvc();           
    }
}

public class MyPolicyRequirement : AuthorizationHandler<MyPolicyRequirement>, IAuthorizationRequirement
{
    protected override void Handle(AuthorizationContext context, MyPolicyRequirement requirement)
    {            
        if (!context.User.HasClaim(c => c.Type == "yes"))
        {
            context.Fail();
            return;
        }

        context.Succeed(requirement);                 
    }
}

[Route("api/[controller]")]
public class ValuesController : Controller
{
    [Authorize(Policy = "MyPolicy")]
    [HttpGet]
    public IEnumerable<string> Get()
    {
        return new string[] { "value1", "value2" };
    }        
}

公共类MyPolicyRequirement:AuthorizationHandler,IAAuthorizationRequirement
{
受保护的覆盖无效句柄(AuthorizationContext上下文,MyPolicyRequirement要求)
{            
如果(!context.User.HasClaim(c=>c.Type==“yes”))
{
context.Fail();
返回;
}
成功(要求);
}
}
值控制器.cs

public class Startup
{
    public Startup(IHostingEnvironment env)
    {
    }

    public void ConfigureServices(IServiceCollection services)
    {
        services.ConfigureAuthorization(options =>
        {
            var policyBuilder = new AuthorizationPolicyBuilder();                
            policyBuilder.AddRequirements(new MyPolicyRequirement());
            options.AddPolicy("MyPolicy", policyBuilder.Build());
        });
        services.AddMvc();            
    }

    // Configure is called after ConfigureServices is called.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        //app.UseErrorPage();            
        app.UseStaticFiles();            
        app.UseMvc();           
    }
}

public class MyPolicyRequirement : AuthorizationHandler<MyPolicyRequirement>, IAuthorizationRequirement
{
    protected override void Handle(AuthorizationContext context, MyPolicyRequirement requirement)
    {            
        if (!context.User.HasClaim(c => c.Type == "yes"))
        {
            context.Fail();
            return;
        }

        context.Succeed(requirement);                 
    }
}

[Route("api/[controller]")]
public class ValuesController : Controller
{
    [Authorize(Policy = "MyPolicy")]
    [HttpGet]
    public IEnumerable<string> Get()
    {
        return new string[] { "value1", "value2" };
    }        
}

[路由(“api/[控制器]”)]
公共类值控制器:控制器
{
[授权(Policy=“MyPolicy”)]
[HttpGet]
公共IEnumerable Get()
{
返回新字符串[]{“value1”,“value2”};
}        
}
据我所知,这方面的流程是注册授权策略,然后使用Authorize属性使用它,然后在控制器上执行方法之前检查它,但这不会发生,相反,我会得到此异常

例外情况

System.InvalidOperationException
The following authentication scheme was not accepted: 
at Microsoft.AspNet.Http.Authentication.Internal.DefaultAuthenticationManager.<ChallengeAsync>d__10.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Mvc.ChallengeResult.<ExecuteResultAsync>d__14.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Mvc.Core.FilterActionInvoker.<InvokeResultAsync>d__53.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Mvc.Core.FilterActionInvoker.<InvokeAsync>d__41.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Mvc.MvcRouteHandler.<InvokeActionAsync>d__7.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Mvc.MvcRouteHandler.<RouteAsync>d__6.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Mvc.Routing.InnerAttributeRoute.<RouteAsync>d__10.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Routing.RouteCollection.<RouteAsync>d__9.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Builder.RouterMiddleware.<Invoke>d__4.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Hosting.Internal.RequestServicesContainerMiddleware.<Invoke>d__3.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Hosting.Internal.HostingEngine.<>c__DisplayClass29_0.<<Start>b__0>d.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Loader.IIS.RuntimeHttpApplication.<ProcessRequestAsyncImpl>d__13.MoveNext() 
--- exception rethrown --- 
at Microsoft.AspNet.Loader.IIS.RuntimeHttpApplication.<ProcessRequestAsyncImpl>d__13.MoveNext() 
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 
at Microsoft.AspNet.Loader.IIS.HttpApplicationBase.<InvokeProcessRequestAsyncImpl>d__9.MoveNext()

System.invalidoOperationException
未接受以下身份验证方案:
在Microsoft.AspNet.Http.Authentication.Internal.DefaultAuthenticationManager.d_u10.MoveNext()中
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Mvc.ChallengeResult.d_u14.MoveNext()上
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Mvc.Core.FilterActionInvoker.d_u53.MoveNext()中
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Mvc.Core.FilterActionInvoker.d_u41.MoveNext()中
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Mvc.MvcRouteHandler.d_u7.MoveNext()上
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Mvc.MvcRouteHandler.d_u6.MoveNext()上
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Mvc.Routing.InnerAttributeRoute.d_u10.MoveNext()中
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Routing.RouteCollection.d_u9.MoveNext()中
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Builder.RouterMiddleware.d_u4.MoveNext()上
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Hosting.Internal.RequestServicesContainerMiddleware.d_u3.MoveNext()中
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Hosting.Internal.HostingEngine.c__DisplayClass29_0.d.MoveNext()上
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Loader.IIS.RuntimeHttpApplication.d_u13.MoveNext()中
---异常重试--
在Microsoft.AspNet.Loader.IIS.RuntimeHttpApplication.d_u13.MoveNext()中
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)
在System.Runtime.CompilerServices.TaskWaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中
在System.Runtime.CompilerServices.TaskAwaiter.GetResult()中
在Microsoft.AspNet.Loader.IIS.HttpApplicationBase.d_u9.MoveNext()上
看起来您拥有的是一堆授权片段,但没有身份验证中间件,因此当授权失败时,系统不知道应该做什么

返回状态代码取决于您选择的身份验证中间件。如果您选择了承载令牌,那么您将获得401返回,假设中间件是正确的。如果你选择cookie auth,你会得到一个302,因为它是针对浏览器的,并且试图重定向到你的登录页面

例如,如果在Configure()中添加

在进行身份验证时,您可能会看到重定向到/Account/Unauthorized。

谢谢您的回答。如何编写自定义身份验证程序