Oauth 2.0 无法在Web Core API v1中获取用户标识集
我有一个WebCoreAPI版本1项目,当我通过Postman调用一个方法时,我发现[Authorize]标记不起作用。 在我的Web API中,我的启动如下所示(为可读性而编辑)Oauth 2.0 无法在Web Core API v1中获取用户标识集,oauth-2.0,identityserver4,asp.net-core-webapi,Oauth 2.0,Identityserver4,Asp.net Core Webapi,我有一个WebCoreAPI版本1项目,当我通过Postman调用一个方法时,我发现[Authorize]标记不起作用。 在我的Web API中,我的启动如下所示(为可读性而编辑) 如何更正此问题?您应该添加AddAuthorization方法以在web api中启用授权服务: services.AddMvcCore() .AddAuthorization() .AddJsonFormatters(); 在何处添加[授权]属性?您
如何更正此问题?您应该添加
AddAuthorization
方法以在web api中启用授权服务:
services.AddMvcCore()
.AddAuthorization()
.AddJsonFormatters();
在何处添加[授权]属性?您是否使用过期的令牌访问您的web api,并且它仍然有效?我在控制器的开头使用authorize属性。如果我不发送访问令牌,它仍会执行代码。
public class Startup
{
// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
public void ConfigureServices(IServiceCollection services)
{
services.AddIdentityServer()
.AddSigningCredential(new X509Certificate2(Settings.CertPath, Settings.Password))
.AddTestUsers(InMemoryConfiguration.Users().ToList())
.AddInMemoryClients(InMemoryConfiguration.Clients())
.AddInMemoryApiResources(InMemoryConfiguration.ApiResources());
services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.RequireHttpsMetadata = false;
options.Authority = Settings.AuthorityUrl;
options.ApiName = Settings.ApiName;
});
services.AddMvc();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole();
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseMiddleware<StackifyMiddleware.RequestTracerMiddleware>();
app.UseIdentityServer();
app.UseStaticFiles();
app.UseMvcWithDefaultRoute();
}
}
[HttpGet("get")]
public async Task<IActionResult> Get()
{
var claims = User.Claims;
var username = User.Identity.Name;
this.NLogger.Info("api/comboboxdata/get".ToPrefix());
try
{
var container = new ComboBoxData(this.SirUoW);
return Ok(container);
}
catch (Exception e)
{
var message = "Error getting combo box data";
await ReportException(e, message);
var status = OperationStatus.CreateFromException(message, e);
return BadRequest(status);
}
}
[Authorize]
[Route("api/comboboxdata")]
public class ComboBoxDataController : BaseSirController
{
services.AddMvcCore()
.AddAuthorization()
.AddJsonFormatters();