ConfigureServices中: #region 注册认证服务
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(o =>
{
o.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = "Issuer",
ValidAudience = "Audience",
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("JwtAuth:SecurityKey")),
RequireSignedTokens = true,
ValidateAudience = false,
ValidateIssuer = true,
ValidateIssuerSigningKey = true,
RequireExpirationTime = true,
ClockSkew = TimeSpan.FromSeconds(300),
ValidateLifetime = true
};
});
#endregion
Configure中:app.UseAuthentication().UseMvc();
controller中: [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme,Policy = "xxxxx")]
public class XXXController : Controller
{
//do....
}
这样功能都正常,但是controller中把AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme去掉就会认证失败,之前的项目中一样的写法没加过这个,为什么现在就需要加这个?仔细看了下控制台输出info,不加一段会显示使用默认认证方式去认证,结果失败,加上之后显示使用JwtBearer认证成功(仅限第一次,之后再有调用就显示默认认证成功了),不知道是哪里的问题,感觉是哪里没设置对?参考了一下这个https://stackoverflow.com/questions/51263883/webapi-authorize-attribute-with-services-addidentity-returns-404-not-found里面说的,但是也不太明白,望大神给指点下。
最后希望大家能给推荐点认证过程介绍的文章;)
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(o =>
{
o.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = "Issuer",
ValidAudience = "Audience",
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("JwtAuth:SecurityKey")),
RequireSignedTokens = true,
ValidateAudience = false,
ValidateIssuer = true,
ValidateIssuerSigningKey = true,
RequireExpirationTime = true,
ClockSkew = TimeSpan.FromSeconds(300),
ValidateLifetime = true
};
});
#endregion
Configure中:app.UseAuthentication().UseMvc();
controller中: [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme,Policy = "xxxxx")]
public class XXXController : Controller
{
//do....
}
这样功能都正常,但是controller中把AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme去掉就会认证失败,之前的项目中一样的写法没加过这个,为什么现在就需要加这个?仔细看了下控制台输出info,不加一段会显示使用默认认证方式去认证,结果失败,加上之后显示使用JwtBearer认证成功(仅限第一次,之后再有调用就显示默认认证成功了),不知道是哪里的问题,感觉是哪里没设置对?参考了一下这个https://stackoverflow.com/questions/51263883/webapi-authorize-attribute-with-services-addidentity-returns-404-not-found里面说的,但是也不太明白,望大神给指点下。
最后希望大家能给推荐点认证过程介绍的文章;)
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货