C# ASP.NET核心API令牌存在问题?
我已经用ASP.NETCore3.1构建了一个API,与IIS一起用作Kestrel(进程外)的反向代理。我正在使用一个内部数据库进行身份验证。该API在本地运行时工作正常,但在IIS服务器上运行不正常 我得到的邮递员错误是: 错误:连接ETIMEDOUT x.x.x.x:443 警告:此请求未完全发送,可能没有所有必需的系统标头 在本地运行时,我得到的令牌如下所示: { alg:“HS512”, 类型:“JWT” }. { 唯一名称:“2”, nbf:1588861522, 出口:1588865122, 国际航空运输协会:1588861522 }. [签名] 在服务器上,我可以在控制台上运行应用程序,并通过IE获得结果,因此我想知道问题是否与JWT令牌有关,或者可能是发送给Kestrel的MS-ASPNETCORE-TOKEN头?MS-ASPNETCORE-TOKEN转发到Kestrel是在幕后处理的,还是我需要进行设置?文档让我相信这些都是自动处理的 我在日志中看到的唯一错误(尽管我没有得到一致的理解)是: “MS-ASPNETCORE-TOKEN”与预期的配对令牌“88c68a82-4b24-4876-ad11-6f78238c8800”不匹配,请求被拒绝 有人知道我的问题是什么吗 Program.cs:C# ASP.NET核心API令牌存在问题?,c#,asp.net-core,jwt,C#,Asp.net Core,Jwt,我已经用ASP.NETCore3.1构建了一个API,与IIS一起用作Kestrel(进程外)的反向代理。我正在使用一个内部数据库进行身份验证。该API在本地运行时工作正常,但在IIS服务器上运行不正常 我得到的邮递员错误是: 错误:连接ETIMEDOUT x.x.x.x:443 警告:此请求未完全发送,可能没有所有必需的系统标头 在本地运行时,我得到的令牌如下所示: { alg:“HS512”, 类型:“JWT” }. { 唯一名称:“2”, nbf:1588861522, 出口:158886
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.UseKestrel();
webBuilder.UseIISIntegration();
webBuilder.UseStartup<Startup>();
});
公共静态IHostBuilder CreateHostBuilder(字符串[]args)=>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder=>
{
webBuilder.UseKestrel();
webBuilder.useisintegration();
webBuilder.UseStartup();
});
public Startup(IConfiguration configuration)
{
_configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
var connectionString = _configuration["connectionStrings:PecanDBConnectionString"];
services.AddDbContext<PecanContext>(o =>
{
o.UseSqlServer(connectionString);
});
//services.AddCors();
services.AddControllers();
services.Configure<IISOptions>(options =>
{
options.AutomaticAuthentication = false;
options.ForwardClientCertificate = false;
});
//configure DI for application services
services.AddScoped<IAccInfoRepository, AccInfoRepository>();
services.AddScoped<IAccPlantRepository, AccPlantRepository>();
services.AddScoped<IPlantLocationRepository, PlantLocationRepository>();
services.AddScoped<INutQualityRepository, NutQualityRepository>();
services.AddScoped<IPlantImageRepository, PlantImageRepository>();
services.AddScoped<IUserService, UserService>();
services.AddAutoMapper(AppDomain.CurrentDomain.GetAssemblies());
//configure strongly typed settings objects
var appSettingsSection = _configuration.GetSection("AppSettings");
services.Configure<AppSettings>(appSettingsSection);
//configure jwt authentication
var appSettings = appSettingsSection.Get<AppSettings>();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
x.RequireHttpsMetadata = true;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
app.Use(async (context, next) =>
{
await next();
if (context.Response.StatusCode == 404 && !Path.HasExtension(context.Request.Path.Value))
{
context.Request.Path = "/index.html";
await next();
}
});
//app.UseHsts();
}
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
公共启动(IConfiguration配置)
{
_配置=配置??抛出新ArgumentNullException(nameof(配置));
}
公共IConfiguration配置{get;}
//此方法由运行时调用。使用此方法向容器中添加服务。
public void配置服务(IServiceCollection服务)
{
var connectionString=_配置[“connectionStrings:PecanDBConnectionString”];
services.AddDbContext(o=>
{
o、 使用SQLServer(connectionString);
});
//services.AddCors();
services.AddControllers();
配置(选项=>
{
options.AutomaticAuthentication=false;
options.ForwardClientCertificate=false;
});
//为应用程序服务配置DI
services.addScope();
services.addScope();
services.addScope();
services.addScope();
services.addScope();
services.addScope();
AddAutoMapper(AppDomain.CurrentDomain.GetAssemblys());
//配置强类型设置对象
var appsetingssection=_configuration.GetSection(“AppSettings”);
services.Configure(应用设置部分);
//配置jwt身份验证
var appSettings=appSettingsSection.Get();
var key=Encoding.ASCII.GetBytes(appSettings.Secret);
services.AddAuthentication(x=>
{
x、 DefaultAuthenticateScheme=JwtBearerDefaults.AuthenticationScheme;
x、 DefaultChallengeScheme=JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x=>
{
x、 RequireHttpsMetadata=true;
x、 SaveToken=true;
x、 TokenValidationParameters=新的TokenValidationParameters
{
ValidateSuersigningKey=true,
IssuerSigningKey=新对称性安全密钥(密钥),
validateisuer=false,
ValidateAudience=false,
ValidateLifetime=true,
时钟偏移=时间跨度0
};
});
}
//此方法由运行时调用。使用此方法配置HTTP请求管道。
public void配置(IApplicationBuilder应用程序、IWebHostEnvironment环境)
{
if(env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
其他的
{
app.UseExceptionHandler(“/Error”);
应用程序使用(异步(上下文,下一步)=>
{
等待下一个();
if(context.Response.StatusCode==404&&!Path.HasExtension(context.Request.Path.Value))
{
context.Request.Path=“/index.html”;
等待下一个();
}
});
//app.UseHsts();
}
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(端点=>
{
endpoints.MapControllers();
});