C# “招摇过市”;此请求的授权已被拒绝”;消息
在我的招摇过市API中,我不断地收到这个消息,即使它拾取了头中指定的API键,为什么会发生这种情况?任何帮助都会很好 请求URL 响应体 { “消息”:“此请求的授权已被拒绝。” } Startup.csC# “招摇过市”;此请求的授权已被拒绝”;消息,c#,asp.net-web-api,swagger,swashbuckle,C#,Asp.net Web Api,Swagger,Swashbuckle,在我的招摇过市API中,我不断地收到这个消息,即使它拾取了头中指定的API键,为什么会发生这种情况?任何帮助都会很好 请求URL 响应体 { “消息”:“此请求的授权已被拒绝。” } Startup.cs [assembly: OwinStartup(typeof(ProjectScavengerAPI.Web.Startup))] namespace ProjectScavengerAPI.Web { public partial class Startup { public vo
[assembly: OwinStartup(typeof(ProjectScavengerAPI.Web.Startup))]
namespace ProjectScavengerAPI.Web
{
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
this.ConfigureOAuthTokenConsumption(app);
HttpConfiguration config = new HttpConfiguration();
config.Formatters.JsonFormatter.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
config.Formatters.JsonFormatter.UseDataContractJsonSerializer = false;
config.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Always;
WebApiConfig.Register(config);
app.UseWebApi(config);
}
}
}
public static void Register(HttpConfiguration config)
{
// Web API configuration and services
config.SuppressDefaultHostAuthentication();
config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
// Web API routes
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{action}/{id}",
defaults: new { id = RouteParameter.Optional }
);
}
public partial class Startup
{
// For more information on configuring authentication, please visit https://go.microsoft.com/fwlink/?LinkId=301864
public static OAuthAuthorizationServerOptions OAuthOptions { get; private set; }
public static string PublicClientId { get; private set; }
private void ConfigureOAuthTokenConsumption(IAppBuilder app)
{
var issuer = ConfigurationManager.AppSettings["Issuer"];
var audienceId = ConfigurationManager.AppSettings["AudienceId"];
var clientAudienceId = ConfigurationManager.AppSettings["ClientAudienceId"];
var audienceSecret = ConfigurationManager.AppSettings["AudienceSecret"];
// Api controllers with an [Authorize] attribute will be validated with JWT
app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
AllowedAudiences = new[] { audienceId, clientAudienceId },
IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[]
{
new SymmetricKeyIssuerSecurityTokenProvider(issuer, audienceSecret)
}
});
}
}
在花了几个小时试图弄清楚它为什么不起作用之后,结果发现我在注入javascript文件时出现了拼写错误,该文件在令牌上附加了“bearer”,因此它从未被注入 我还必须在SwaggerConfig.EnableSwaggerUI中添加ApiKeySupport
.EnableSwaggerUi(c =>
{
c.InjectJavaScript(thisAssembly, "ProjectScavengerAPI.Web.Scripts.Swagger.jwt-auth.js");
c.EnableApiKeySupport("Authorization", "header");
});
您是否在IIS中托管应用程序?IIS快车?等等?IIS Express(谷歌浏览器)你的标题意味着招摇有问题。。。但这真的是问题所在吗?你有没有尝试过没有Swashback的api?我使用的是swagger,问题发生在swagger上,很多人都遇到过这个问题,但他们的解决方案对我不起作用。每个没有[authorize]属性的函数都可以正常工作,所以从这些细节来看,我的假设是我可能设置错误,这就是我在这里发布的原因,这就是这个网站的目的,对吗?获取帮助?[authorize]属性甚至没有被激活,有没有办法对api/swagger说key=this。(它在运行时在index.html中添加显示在console.log中的键)
.EnableSwaggerUi(c =>
{
c.InjectJavaScript(thisAssembly, "ProjectScavengerAPI.Web.Scripts.Swagger.jwt-auth.js");
c.EnableApiKeySupport("Authorization", "header");
});