Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/csharp/323.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
C# ASP.NET核心JWT承载身份不';行不通_C#_Asp.net Core_Asp.net Identity - Fatal编程技术网
Fatal编程技术网
  • csharp/
  • C# ASP.NET核心JWT承载身份不';行不通

C# ASP.NET核心JWT承载身份不';行不通

c# asp.net-core

C# ASP.NET核心JWT承载身份不';行不通,c#,asp.net-core,asp.net-identity,C#,Asp.net Core,Asp.net Identity,在向api方法发送头之后,它会为我抛出401错误。我不明白为什么。这是我的配置 API控制器 [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)] public class AdminApiController : Controller { private readonly IAdminService _adminService; public AdminApiController

在向api方法发送头之后,它会为我抛出401错误。我不明白为什么。这是我的配置

API控制器

[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
public class AdminApiController : Controller
{
    private readonly IAdminService _adminService;

    public AdminApiController(IAdminService adminService)
    {
        _adminService = adminService;
    }

    [HttpPost]
    [Authorize(Roles = "Admin")]
    [Route("/api/rooms/add")]
    public async Task<IActionResult> AddRoom([FromBody]QuestRoomDto room)
    {
        return Ok(await _adminService.AddRoom(room));
    }
}

[授权(AuthenticationSchemes=JwtBearerDefaults.AuthenticationScheme)]
公共类AdminApicController:控制器
{
私有只读IAdminService\u adminService;
公共管理员控制器(IAdminService管理员服务)
{
_adminService=adminService;
}
[HttpPost]
[授权(Roles=“Admin”)]
[路线(“/api/rooms/add”)]
公共异步任务添加室([FromBody]QuestRoomDto室)
{
返回Ok(等待_adminService.AddRoom(room));
}
}
配置

services.AddIdentity<Customer, CustomerRole>()
            .AddEntityFrameworkStores<CustomerDbContext>()
            .AddDefaultTokenProviders();
        //Configure Jwt authentication
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
        services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(cfg =>
        {
            cfg.RequireHttpsMetadata = false;
            cfg.SaveToken = true;
            cfg.TokenValidationParameters = new TokenValidationParameters
            {
                ValidIssuer = configuration["JwtIssuer"],
                ValidAudience = configuration["JwtIssuer"],
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["JwtKey"])),
                ClockSkew = TimeSpan.Zero 
            };
        });

services.AddIdentity()
.AddEntityFrameworkStores()
.AddDefaultTokenProviders();
//配置Jwt身份验证
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(选项=>
{
options.DefaultAuthenticateScheme=JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme=JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme=JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(cfg=>
{
cfg.RequireHttpsMetadata=false;
cfg.SaveToken=true;
cfg.TokenValidationParameters=新的TokenValidationParameters
{
ValidIssuer=配置[“JwtIssuer”],
Validudience=配置[“JwtIssuer”],
validateisuer=true,
ValidateAudience=true,
ValidateLifetime=true,
IssuerSigningKey=new-SymmetricSecurityKey(Encoding.UTF8.GetBytes(配置[“JwtKey]”)),
时钟偏移=时间跨度0
};
});
我有两个角色(管理员/用户)。即使我将此方法设置为任何授权人员,此方法也不起作用。

您的头是什么样子的?我使用邮递员发送头-“持票人{token}”401是授权失败的结果。它通常表示令牌已过期或无效,或者在本例中不包含管理员角色的角色声明。您没有在
TokenValidationParameters
中定义
RoleClaimType
,因此这可能是一个很好的起点。