在我的 core 2.2 微服务中,我尝试从 JWT 令牌中提取声明以进行一些授权.身份验证是在系统的另一部分完成的,所以我现在不需要这样做.
in my core 2.2 microservice, I try to extract claims from a JWT token to do some authorization. authentication is done on another part of the system so I don't need to do it at this point.
我在 Startup.cs 中使用此代码:
I am using this code in the Startup.cs:
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { var signingKey = Encoding.UTF8.GetBytes("SECRET_KEY"); options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, IssuerSigningKey = new SymmetricSecurityKey(signingKey) }; });在控制器上我有这个代码:
On the controller I have this code:
[Authorize] [HttpPost] public async Task<ActionResult<CreateResponse>> Create() { var userIdClaim = HttpContext.User.Claims.Where(x => x.Type == "empId").SingleOrDefault(); return Ok($"Your User ID is {userIdClaim.Value} and you can create invoices!"); }我总是收到此错误消息和未经授权"的响应:
I always get this error message and "Unauthorized" response:
Microsoft.IdentityModel.Tokens.SecurityTokenInvalidSignatureException:IDX10503:签名验证失败.尝试的键:'[PII 被隐藏]'.捕获的异常:'[PII 被隐藏]'.token: '[PII is hidden]'.
Microsoft.IdentityModel.Tokens.SecurityTokenInvalidSignatureException: IDX10503: Signature validation failed. Keys tried: '[PII is hidden]'. Exceptions caught: '[PII is hidden]'. token: '[PII is hidden]'.
推荐答案在Startup类的Configure()中加入如下代码可以看到开发中隐藏的细节:
You can see the hidden details in development by adding the following to Configure() in the Startup class:
if (env.IsDevelopment()) { IdentityModelEventSource.ShowPII = true; }收到完整消息后,请检查所使用的密钥对于令牌是否正确.
Once you have the full message check the key being used is correct for the token.
更多推荐
JWT 令牌身份验证失败并显示消息“PII 已隐藏"
发布评论