将Web API身份验证从.NET Core 1.1迁移到2.0

编程入门行业动态更新时间:2024-10-26 18:26:03

本文介绍了将Web API身份验证从.NET Core 1.1迁移到2.0的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！问题描述

我正在尝试将旧的身份验证转换为.NET 2.0.我有以下代码:

I'm trying to convert my old authentication to .NET 2.0. I had the following code:

app.UseJwtBearerAuthentication(new JwtBearerOptions { AutomaticAuthenticate = true, IncludeErrorDetails = true, Authority = "securetoken.google/xxxxx", TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidIssuer = "securetoken.google/xxxxxx", ValidateAudience = true, ValidAudience = "xxxx", ValidateLifetime = true, }, });

我的新代码如下:

public void Configure(...) { ... app.UseAuthentication(); ... } public void ConfigureServices(IServiceCollection services) { ... services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { options.RequireHttpsMetadata = false; options.IncludeErrorDetails = true; options.Authority = "securetoken.google/xxxxxx"; options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidIssuer = "securetoken.google/xxxxx", ValidateAudience = true, ValidAudience = "xxxxxx", ValidateLifetime = true, }; }); ... services.AddMvc(); services.AddAuthorization(......); }

但是在2.0中，我得到了404响应.如果我从端点删除[Authorize]属性，它将起作用.我的输出窗口显示如下:

But in 2.0 I'm getting a 404 response. If I remove the [Authorize] attribute from my endpoint, it works. My output window shows this:

Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求开始HTTP/1.1 GET localhost:62423/api/users/info Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:信息: 用户授权失败:(空). Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:信息: 过滤器中的请求授权失败 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. Microsoft.AspNetCore.Mvc.ChallengeResult:信息:正在执行带有身份验证方案()的ChallengeResult.

Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET localhost:62423/api/users/info Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:Information: Authorization failed for user: (null). Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. Microsoft.AspNetCore.Mvc.ChallengeResult:Information: Executing ChallengeResult with authentication schemes ().

Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler:信息: AuthenticationScheme:Identity.Application已受到挑战. Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:信息: 已执行的动作 SORTE.API.ContentManager.Controllers.UsersController.Info (SORTE.API.ContentManager)在24.0837毫秒内 Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求于35.2446毫秒完成302 Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求开始HTTP/1.1 GET localhost:62423/Account/Login?ReturnUrl =％2Fapi％ 2Fusers％2Finfo Microsoft.AspNetCore.Hosting.Internal.WebHost:信息:请求在5.8149ms内完成404

Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler:Information: AuthenticationScheme: Identity.Application was challenged. Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Executed action SORTE.API.ContentManager.Controllers.UsersController.Info (SORTE.API.ContentManager) in 24.0837ms Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 35.2446ms 302 Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET localhost:62423/Account/Login?ReturnUrl=%2Fapi%2Fusers%2Finfo Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 5.8149ms 404

由于日志错误，似乎正在尝试将我重定向到/Account/Login，但是我没有这样的终结点，我的项目是Web API.

From the log errors, it seems that it's trying to redirect me to /Account/Login, but I don't have such endpoint, my project is a Web API.

我缺少一些配置吗?

推荐答案

直到我阅读此.

当我们使用Authorize属性时，默认情况下它实际上绑定到第一个身份验证系统.

When we use the Authorize attribute, it actually binds to the first authentication system by default.

解决方案是指定要使用的方案(JwtBearer):

The solution was especify wich scheme to use (JwtBearer):

[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Policy = "PoliceName")]

现在我可以获得状态200(带有有效令牌)和401(未经授权-无效令牌)

Now i can get status 200 (with valid token) and 401 (unauthorized - invalid token)