call

call

关注
发信
如何使用C#进行排序IP地址列表
NOCHECK 不会禁用外键引用
formatnumber函数返回错误
使用GPS和C#映射
如何从c#接收本地ip地址到android
如何检测访问者的国家/地区?
使用django.template时出错
Woocommerce上的购物车中有特定产品时,从国家列表中删除加拿大
如何将zerorpc作为greenlet运行?
在Javascript中在图像上绘制网格线
查找单色位图对象的边界矩形
在不访问任何数据的 NULL 指针上调用方法是否会失败?
如何使手风琴保持打开状态
如何改变在Android数据库存储路径?
Java的code为简单的动画只能在Windows上运行

承载错误-invalid_token-找不到签名密钥

扫码查看
本文介绍了承载错误-invalid_token-找不到签名密钥的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个与.Net Core 2.2 API后端接口的Angular 7应用程序.这是与Azure Active Directory的接口.

I have an Angular 7 application interfacing with a .Net Core 2.2 API back-end. This is interfacing with Azure Active Directory.

在Angular 7方面,它已通过AAD进行了正确的身份验证,并且我得到了有效的JWT,如 jwt.io .

On the Angular 7 side, it is authenticating properly with AAD and I am getting a valid JWT back as verified on jwt.io.

在.Net Core API方面,我创建了一个简单的测试API,上面有[Authorize].

On the .Net Core API side I created a simple test API that has [Authorize] on it.

当我从Angular调用此方法时,添加Bearer令牌后,我得到了(如Chrome调试工具的网络"标签中的标题"所示):

When I call this method from Angular, after adding the Bearer token, I am getting (as seen in Chrome Debug Tools, Network tab, "Headers"):

使用 HTTP/1.1 401未经授权.

简单的测试API是:

    [Route("Secure")]
    [Authorize]
    public IActionResult Secure() => Ok("Secure works");

Angular调用代码也很简单:

The Angular calling code is also as simple as I can get it:

    let params : any = {
        responseType: 'text',
        headers: new HttpHeaders({
            "Authorization": "Bearer " + token,
            "Content-Type": "application/json"
        })
    }

    this.http
        .get("https://localhost:5001/api/azureauth/secure", params)
        .subscribe(
            data => { },
            error => { console.error(error); }
        );

如果我删除了[Authorize]属性,只是将其作为来自Angular的标准GET请求调用,它就可以正常工作.

If I remove the [Authorize] attribute and just call this as a standard GET request from Angular it works fine.

我的Startup.cs包含:

My Startup.cs contains:

        services
            .AddAuthentication(AzureADDefaults.AuthenticationScheme)
            .AddAzureADBearer(options => this.Configuration.Bind("AzureAd", options));

所有选项均已在appsettings.json中正确设置(例如ClientId,TenantId等),并且options此处已按预期填充.

The options are all properly set (such as ClientId, TenantId, etc) in the appsettings.json and options here is populating as expected.

推荐答案

我遇到了同样的问题,因为我缺少授权..确保授权和api名称正确,现在启动文件中配置服务中的此代码适用于我:

I was facing the same issue was i was missing the authority..make sure authority and api name is correct now this code in configure services in startup file works for me:

services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
                .AddIdentityServerAuthentication( x =>
                {
                    x.Authority = "http://localhost:5000"; //idp address
                    x.RequireHttpsMetadata = false;
                    x.ApiName = "api2"; //api name
                });

这篇关于承载错误-invalid_token-找不到签名密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-05 18:43
查看更多
Powered by LMLPHP ©2025 call 0.033252