C# ASP.NET核心JWT承载身份不';行不通
在向api方法发送头之后,它会为我抛出401错误。我不明白为什么。这是我的配置 API控制器C# ASP.NET核心JWT承载身份不';行不通,c#,asp.net-core,asp.net-identity,C#,Asp.net Core,Asp.net Identity,在向api方法发送头之后,它会为我抛出401错误。我不明白为什么。这是我的配置 API控制器 [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)] public class AdminApiController : Controller { private readonly IAdminService _adminService; public AdminApiController
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
public class AdminApiController : Controller
{
private readonly IAdminService _adminService;
public AdminApiController(IAdminService adminService)
{
_adminService = adminService;
}
[HttpPost]
[Authorize(Roles = "Admin")]
[Route("/api/rooms/add")]
public async Task<IActionResult> AddRoom([FromBody]QuestRoomDto room)
{
return Ok(await _adminService.AddRoom(room));
}
}
[授权(AuthenticationSchemes=JwtBearerDefaults.AuthenticationScheme)]
公共类AdminApicController:控制器
{
私有只读IAdminService\u adminService;
公共管理员控制器(IAdminService管理员服务)
{
_adminService=adminService;
}
[HttpPost]
[授权(Roles=“Admin”)]
[路线(“/api/rooms/add”)]
公共异步任务添加室([FromBody]QuestRoomDto室)
{
返回Ok(等待_adminService.AddRoom(room));
}
}
配置
services.AddIdentity<Customer, CustomerRole>()
.AddEntityFrameworkStores<CustomerDbContext>()
.AddDefaultTokenProviders();
//Configure Jwt authentication
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(cfg =>
{
cfg.RequireHttpsMetadata = false;
cfg.SaveToken = true;
cfg.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = configuration["JwtIssuer"],
ValidAudience = configuration["JwtIssuer"],
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["JwtKey"])),
ClockSkew = TimeSpan.Zero
};
});
services.AddIdentity()
.AddEntityFrameworkStores()
.AddDefaultTokenProviders();
//配置Jwt身份验证
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(选项=>
{
options.DefaultAuthenticateScheme=JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme=JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme=JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(cfg=>
{
cfg.RequireHttpsMetadata=false;
cfg.SaveToken=true;
cfg.TokenValidationParameters=新的TokenValidationParameters
{
ValidIssuer=配置[“JwtIssuer”],
Validudience=配置[“JwtIssuer”],
validateisuer=true,
ValidateAudience=true,
ValidateLifetime=true,
IssuerSigningKey=new-SymmetricSecurityKey(Encoding.UTF8.GetBytes(配置[“JwtKey]”)),
时钟偏移=时间跨度0
};
});
我有两个角色(管理员/用户)。即使我将此方法设置为任何授权人员,此方法也不起作用。您的头是什么样子的?我使用邮递员发送头-“持票人{token}”401是授权失败的结果。它通常表示令牌已过期或无效,或者在本例中不包含管理员角色的角色声明。您没有在
TokenValidationParameters
中定义RoleClaimType
,因此这可能是一个很好的起点。