C#JWT令牌授权始终返回错误
我有个大问题。我在我的 API 中实现了 JWT 授权：请求生成令牌时没有问题，但当我带着 Authorization 头去请求一个标注了 `[Authorize("Bearer")]` 的控制器时，它总是返回 `Bearer error="invalid_token"`，而且没有任何 error_description 之类的信息。我使用的是 .NET Core 3.1。

解决方案：我不知道为什么，但我无法在令牌中使用多个声明（claim），于是在生成令牌时只放一个声明，这样就成功了。(?)

这是我的 Startup.cs。

（标签：c#、asp.net-core、jwt）C# JWT 令牌授权始终返回错误——我有个大问题。我在我的 API 中实现了 JWT 授权：请求生成令牌时没有问题，但当我带着 Authorization 头去请求一个标注了 `[Authorize("Bearer")]` 的控制器时，它总是返回 `Bearer error="invalid_token"`，而且没有任何 error_description 之类的信息。我使用的是 .NET Core 3.1。解决方案：我不知道为什么，但我无法在令牌中使用多个声明（claim），于是在生成令牌时只放一个声明，这样就成功了。(?) 这是我的 Startup.cs：
using System;
using API_allinone.Auth;
using API_allinone.Singleton;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.SignalR;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Tokens;
namespace API_allinone
{
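public class Startup
{
    /// <summary>
    /// Composition root for the API: wires CORS, JWT bearer authentication, the "Bearer"
    /// authorization policy, MVC + SignalR, and hands the hub contexts to the singletons.
    /// </summary>
    /// <param name="configuration">Application configuration; the "TokenConfigurations" section is required.</param>
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        // SECURITY: this policy reflects *every* origin back AND allows credentials — the
        // combination browsers refuse for a literal "*". Any site can make credentialed
        // cross-origin calls to this API. Restrict to a known list (WithOrigins(...)) before
        // exposing the service outside of development.
        services.AddCors(options => options.AddPolicy("All", builder =>
        {
            builder.AllowAnyHeader()
                   .AllowAnyMethod()
                   .SetIsOriginAllowed(host => true)
                   .AllowCredentials();
        }));

        services.AddScoped<IAuthenticateService, TokenAuthenticateService>();
        services.AddScoped<IUserService, UserService>();

        services.Configure<AuthConfiguration>(Configuration.GetSection("TokenConfigurations"));

        // Fail fast at startup with a clear message instead of a NullReferenceException on
        // tokenConfig.Audience below when the section is missing from appsettings.
        var tokenConfig = Configuration.GetSection("TokenConfigurations").Get<AuthConfiguration>()
            ?? throw new InvalidOperationException("Configuration section 'TokenConfigurations' is missing or empty.");

        // One SigningConfiguration for the whole process. NOTE(review): the token issuer
        // (TokenAuthenticateService) must use this same registered instance; if SigningConfiguration
        // builds its key in its constructor, a second `new SigningConfiguration()` anywhere yields a
        // different key and every token is rejected with error="invalid_token" — confirm.
        var signingConfiguration = new SigningConfiguration();
        services.AddSingleton(signingConfiguration);

        services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(options =>
        {
            // SECURITY: only acceptable for local development; production should require HTTPS.
            options.RequireHttpsMetadata = false;
            options.SaveToken = true;
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = signingConfiguration.Key,
                ValidAudience = tokenConfig.Audience,
                ValidIssuer = tokenConfig.Issuer,
                ValidateLifetime = true,
                // SECURITY: ValidAudience/ValidIssuer above are ignored while these two are false,
                // so any token signed with the same key is accepted regardless of who it was issued
                // for. Enable them once the issuer stamps matching iss/aud claims.
                ValidateAudience = false,
                ValidateIssuer = false,
                // No tolerance for clock drift: a token is rejected the instant `exp` passes.
                ClockSkew = TimeSpan.Zero
            };
        });

        services.AddAuthorization(options =>
        {
            options.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
                .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
                .RequireAuthenticatedUser()
                .Build());
        });

        services.AddMvc()
            .AddJsonOptions(opt => opt.JsonSerializerOptions.PropertyNamingPolicy = null)
            .SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
        services.AddSignalR();
        // AddControllers() is a subset of AddMvc(); kept for parity with the original registration.
        services.AddControllers();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IServiceProvider service)
    {
        // SECURITY: the developer exception page returns stack traces, source snippets and
        // request details to the client; it must only be enabled in Development.
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseRouting();
        app.UseCors("All");
        // Authentication must run before authorization so [Authorize] policies see the principal.
        app.UseAuthentication();
        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapHub<Hubs.ProdutosHub>("/produtoshub");
            endpoints.MapHub<Hubs.DashboardHub>("/dashboardhub");
            endpoints.MapHub<Hubs.GeralHub>("/geralhub");
            endpoints.MapControllers();
        });

        // Hand the hub contexts to the singletons. GetRequiredService throws a descriptive
        // exception if SignalR was not registered, instead of silently passing null.
        SDashboard.GetInstance()
            .SetContext(service.GetRequiredService<IHubContext<Hubs.DashboardHub, Hubs.IDashboardHub>>());
        SGeral.GetInstance()
            .SetContext(service.GetRequiredService<IHubContext<Hubs.GeralHub, Hubs.IGeralHub>>());
    }
}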
}
以及 AuthController.cs：
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using API_allinone.Auth;
using API_allinone.Model;
using Microsoft.Extensions.Options;
namespace API_allinone.Controllers
{
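[Route("[controller]")]
[ApiController]
public class AuthController : ControllerBase
{
    private readonly IAuthenticateService _authService;

    /// <summary>
    /// Issues JWT access tokens (POST /Auth) and echoes the caller's identity back from a
    /// validated bearer token (GET /Auth).
    /// </summary>
    /// <param name="authenticateService">Checks credentials and produces the token string.</param>
    public AuthController(IAuthenticateService authenticateService)
    {
        _authService = authenticateService;
    }

    /// <summary>
    /// Reads the company id from the <c>sid</c> claim of the current principal.
    /// Returns 0 when the claim is absent or not an integer.
    /// </summary>
    // [NonAction]: without it every public method on a controller is discovered as an action and
    // routed at the class template ("/Auth") with no verb restriction and no [Authorize].
    [NonAction]
    public int GetEmpresa() => ReadIntClaim(JwtRegisteredClaimNames.Sid);

    /// <summary>
    /// Reads the employee id from the <see cref="ClaimTypes.Actor"/> claim of the current principal.
    /// Returns 0 when the claim is absent or not an integer.
    /// </summary>
    [NonAction]
    public int GetFuncionario() => ReadIntClaim(ClaimTypes.Actor);

    // Finds the first claim of the given type on the primary identity and parses it as an int.
    // A missing or non-numeric value yields 0 (the existing "absent" sentinel) instead of a
    // FormatException surfacing as a 500. NOTE(review): the JWT handler remaps some inbound
    // claim names (e.g. "actort" -> ClaimTypes.Actor); confirm the issuer stamps these exact types.
    private int ReadIntClaim(string claimType)
    {
        var identity = HttpContext.User?.Identity as ClaimsIdentity;
        var raw = identity?.Claims.FirstOrDefault(c => c.Type == claimType)?.Value;
        return int.TryParse(raw, out var id) ? id : 0;
    }

    /// <summary>
    /// Exchanges login / password / company for a bearer token.
    /// </summary>
    /// <param name="AuthRequest">Credentials posted as JSON.</param>
    /// <param name="AuthConfiguration">Token settings; AccessExpiration is the lifetime in seconds.</param>
    /// <returns>200 with the token plus user and company data, or 400 when authentication fails.</returns>
    [HttpPost]
    public IActionResult Post([FromBody] AuthBody AuthRequest, [FromServices] IOptions<AuthConfiguration> AuthConfiguration)
    {
        // NOTE(review): Usuario.LogIn runs before the credentials are checked by _authService;
        // if LogIn has side effects (audit trail, session), they also happen for failed attempts.
        var logado = Usuario.LogIn(AuthRequest.Login, AuthRequest.Senha, Empresa.GetId(AuthRequest.Empresa));

        if (!_authService.IsAuthenticated(AuthRequest, out string token))
        {
            // Deliberately generic: do not reveal which of login / password / company was wrong.
            // (401 Unauthorized would be the conventional status for a failed login.)
            return BadRequest("Invalid Request");
        }

        // Single timestamp so Created and Expiration agree. This is local time; the token's own
        // exp claim is UTC and is what the validator enforces.
        var now = DateTime.Now;
        return Ok(new
        {
            Authenticate = true,
            Created = now.ToString("yyyy-MM-dd HH:mm:ss"),
            Expiration = now.AddSeconds(AuthConfiguration.Value.AccessExpiration),
            AccessToken = token,
            Message = "Acesso Autorizado",
            Empresa = Empresa.Get(AuthRequest.Empresa),
            // NOTE(review): the whole Usuario object is serialized — verify it carries no
            // password hash or other secret.
            Usuario = logado
        });
    }

    /// <summary>
    /// Requires a valid bearer token ("Bearer" policy) and returns the employee, company,
    /// permissions and user resolved from the token's claims.
    /// </summary>
    [HttpGet]
    [Authorize("Bearer")]
    public IActionResult Valide()
    {
        // Read each claim once instead of re-scanning the claim set per call. NOTE(review): a
        // token that lacks these claims still passes the policy and yields id 0 here.
        var funcionarioId = GetFuncionario();
        var empresaId = GetEmpresa();
        var funcionario = new Funcionario(funcionarioId);

        return Ok(new
        {
            Funcionario = funcionario,
            Empresa = Empresa.Get(empresaId),
            Acesso = Usuario.GetAcesso(funcionario.Id),
            Usuario = Usuario.Get(funcionarioId, empresaId)
        });
    }
}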
}
使用系统;
使用System.IdentityModel.Tokens.Jwt;
使用System.Linq;
使用System.Security.Claims;
使用Microsoft.AspNetCore.Authorization;
使用Microsoft.AspNetCore.Http;
使用Microsoft.AspNetCore.Mvc;
使用API_allinone.Auth;
使用API_allinone.Model;
使用Microsoft.Extensions.Options;
名称空间API_allinone.Controllers
{
[路线(“[控制器]”)]
[ApiController]
公共类AuthController:ControllerBase
{
私有只读IAAuthenticateService\u authService;
公共AuthController(IAAuthenticateService authenticateService)
{
_authService=authenticateService;
}
public int GetEmpresa()
{
int Empresa=0;
var User=HttpContext.User.Identity作为ClaimsIdentity;
var索赔=User.Claims;
var Codigo=User.Claims.Where(w=>w.Type==JwtRegisteredClaimNames.Sid).FirstOrDefault()?.Value;
如果(!string.IsNullOrEmpty(Codigo))
Empresa=转换为32(Codigo);
返回Empresa;
}
public int getFunctionario()
{
int functionaio=0;
var User=HttpContext.User.Identity作为ClaimsIdentity;
var索赔=User.Claims;
var Codigo=User.Claims.Where(w=>w.Type==ClaimTypes.Actor).FirstOrDefault()?.Value;
如果(!string.IsNullOrEmpty(Codigo))
Funcionario=Convert.ToInt32(Codigo);
返回函数;
}
[HttpPost]
公共IActionResult Post([FromBody]AuthBody AuthRequest,[FromServices]IOptions AuthConfiguration)
{
var Logado=Usuario.LogIn(AuthRequest.LogIn,AuthRequest.Senha,Empresa.GetId(AuthRequest.Empresa));
if(_authService.IsAuthenticated(AuthRequest,out string令牌))
{
返回Ok(新的
{
验证=真,
Created=DateTime.Now.ToString(“yyyy-MM-dd HH:MM:ss”),
Expiration=DateTime.Now.AddSeconds(AuthConfiguration.Value.AccessExpiration),
AccessToken=Token,
Message=“Acesso Autorizado”,
Empresa=Empresa.Get(AuthRequest.Empresa),
Usuario=Logado
});
}
返回错误请求(“无效请求”);
}
[HttpGet]
[授权(“持票人”)]
公共IActionResult Valide()
{
var funcionario=new funcionario(GetFuncionario());
返回Ok(新的
{
Funcionario=Funcionario,
Empresa=Empresa.Get(GetEmpresa()),
Acesso=Usuario.GetAcesso(functionario.Id),
Usuario=Usuario.Get(GetFunctionario(),GetEmpresa())
});
}
}
}
您是否尝试过使用 `[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]`
而不是 `[Authorize("Bearer")]`
？能否贴出请求的 Authorization 头？我想我知道你的问题了。@Hameed 是的，我也试过了。@Nikolaus `Authorization: Bearer eyJ…`（令牌正文在页面抓取时已损坏，此处省略。注意：把真实的令牌贴到公开网站上等同于泄露凭据，贴出后应视其为已泄露并让其失效。）
我建议先到 jwt.io 上解码并验证你的令牌。如果令牌本身是有效的……那么很可能是签名时用的密钥和验证时用的密钥不一致：例如 SigningConfiguration 在构造函数里生成密钥，而令牌生成服务又自己 `new` 了一个实例，而不是使用 Startup 里注册的那个单例，这样两边的密钥就不同了（需确认）。
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using API_allinone.Auth;
using API_allinone.Model;
using Microsoft.Extensions.Options;
namespace API_allinone.Controllers
{
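[Route("[controller]")]
[ApiController]
public class AuthController : ControllerBase
{
    private readonly IAuthenticateService _authService;

    /// <summary>
    /// Issues JWT access tokens (POST /Auth) and echoes the caller's identity back from a
    /// validated bearer token (GET /Auth).
    /// </summary>
    /// <param name="authenticateService">Checks credentials and produces the token string.</param>
    public AuthController(IAuthenticateService authenticateService)
    {
        _authService = authenticateService;
    }

    /// <summary>
    /// Reads the company id from the <c>sid</c> claim of the current principal.
    /// Returns 0 when the claim is absent or not an integer.
    /// </summary>
    // [NonAction]: without it every public method on a controller is discovered as an action and
    // routed at the class template ("/Auth") with no verb restriction and no [Authorize].
    [NonAction]
    public int GetEmpresa() => ReadIntClaim(JwtRegisteredClaimNames.Sid);

    /// <summary>
    /// Reads the employee id from the <see cref="ClaimTypes.Actor"/> claim of the current principal.
    /// Returns 0 when the claim is absent or not an integer.
    /// </summary>
    [NonAction]
    public int GetFuncionario() => ReadIntClaim(ClaimTypes.Actor);

    // Finds the first claim of the given type on the primary identity and parses it as an int.
    // A missing or non-numeric value yields 0 (the existing "absent" sentinel) instead of a
    // FormatException surfacing as a 500. NOTE(review): the JWT handler remaps some inbound
    // claim names (e.g. "actort" -> ClaimTypes.Actor); confirm the issuer stamps these exact types.
    private int ReadIntClaim(string claimType)
    {
        var identity = HttpContext.User?.Identity as ClaimsIdentity;
        var raw = identity?.Claims.FirstOrDefault(c => c.Type == claimType)?.Value;
        return int.TryParse(raw, out var id) ? id : 0;
    }

    /// <summary>
    /// Exchanges login / password / company for a bearer token.
    /// </summary>
    /// <param name="AuthRequest">Credentials posted as JSON.</param>
    /// <param name="AuthConfiguration">Token settings; AccessExpiration is the lifetime in seconds.</param>
    /// <returns>200 with the token plus user and company data, or 400 when authentication fails.</returns>
    [HttpPost]
    public IActionResult Post([FromBody] AuthBody AuthRequest, [FromServices] IOptions<AuthConfiguration> AuthConfiguration)
    {
        // NOTE(review): Usuario.LogIn runs before the credentials are checked by _authService;
        // if LogIn has side effects (audit trail, session), they also happen for failed attempts.
        var logado = Usuario.LogIn(AuthRequest.Login, AuthRequest.Senha, Empresa.GetId(AuthRequest.Empresa));

        if (!_authService.IsAuthenticated(AuthRequest, out string token))
        {
            // Deliberately generic: do not reveal which of login / password / company was wrong.
            // (401 Unauthorized would be the conventional status for a failed login.)
            return BadRequest("Invalid Request");
        }

        // Single timestamp so Created and Expiration agree. This is local time; the token's own
        // exp claim is UTC and is what the validator enforces.
        var now = DateTime.Now;
        return Ok(new
        {
            Authenticate = true,
            Created = now.ToString("yyyy-MM-dd HH:mm:ss"),
            Expiration = now.AddSeconds(AuthConfiguration.Value.AccessExpiration),
            AccessToken = token,
            Message = "Acesso Autorizado",
            Empresa = Empresa.Get(AuthRequest.Empresa),
            // NOTE(review): the whole Usuario object is serialized — verify it carries no
            // password hash or other secret.
            Usuario = logado
        });
    }

    /// <summary>
    /// Requires a valid bearer token ("Bearer" policy) and returns the employee, company,
    /// permissions and user resolved from the token's claims.
    /// </summary>
    [HttpGet]
    [Authorize("Bearer")]
    public IActionResult Valide()
    {
        // Read each claim once instead of re-scanning the claim set per call. NOTE(review): a
        // token that lacks these claims still passes the policy and yields id 0 here.
        var funcionarioId = GetFuncionario();
        var empresaId = GetEmpresa();
        var funcionario = new Funcionario(funcionarioId);

        return Ok(new
        {
            Funcionario = funcionario,
            Empresa = Empresa.Get(empresaId),
            Acesso = Usuario.GetAcesso(funcionario.Id),
            Usuario = Usuario.Get(funcionarioId, empresaId)
        });
    }
}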
}