向 ASP.Net 5 应用程序添加 OAuth Bearer 授权策略的问题

本文介绍了向 ASP.Net 5 应用程序添加 OAuth Bearer 授权策略的问题的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在使用 OAuth Bearer 令牌构建 REST API 作为我的身份验证方法.因此，我尝试添加授权策略，以便我可以执行诸如 [Authorize("Bearer")] 之类的操作.然而，当我去测试我的新授权策略时，抛出一个异常声明

I am building a REST API using OAuth Bearer tokens as my method of authentication. So, I attempted to add an authorization policy so that I could do something like [Authorize("Bearer")]. However, when I go to test my new authorization policy, an exception is thrown stating

不接受以下身份验证方案:Bearer

我尝试了多种方法来试图阻止抛出此异常，但我没有任何运气.我的启动课程可以在 https://gist.github.com/mw2nukeboy/4b6cc7d348ac60336b03 找到.

I've tried multiple things in an attempt to stop this exception from being thrown, but I haven't had any luck. My Startup class can be found at https://gist.github.com/mw2nukeboy/4b6cc7d348ac60336b03.

推荐答案

更新: 在最近的测试版中，不再可能从 ConfigureServices 配置安全选项(除了 Identity).您现在需要在调用 app.UseJwtBearerAuthentication() 时直接配置 JWT 选项:

Update: in recent betas, configuring security options from ConfigureServices is no longer possible (except for Identity). You now need to directly configure the JWT options when calling app.UseJwtBearerAuthentication():

public void Configure(IApplicationBuilder app) {
    app.UseJwtBearerAuthentication(options => {
        // Configure the JWT options here.
    });
}

您忘记在管道中添加 OAuth2 不记名身份验证中间件:

You forgot to add the OAuth2 bearer authentication middleware in your pipeline:

public void Configure(IApplicationBuilder app, IHostingEnvironment env) {
    app.UseStaticFiles();

    app.UseOAuthBearerAuthentication();

    app.UseIdentity();

    app.UseMvc(routes => {
        routes.MapRoute(
            name: "default",
            template: "api/{controller}/{action}/{id?}",
            defaults: new {
                controller = "Home",
                action = "Index"

            });
    });
}

您也没有使用推荐的方法来注册 OAuth2 承载中间件使用的设置:

You're also not using the recommended approach to register the settings used by the OAuth2 bearer middleware:

public void ConfigureServices(IServiceCollection services) {
    // Not recommended approach.
    services.AddInstance(new OAuthBearerAuthenticationOptions { });

    // Recommended approach.
    services.ConfigureOAuthBearerAuthentication(options => {
        // Configure the options used by the OAuth2 bearer middleware.
    });
}

这篇关于向 ASP.Net 5 应用程序添加 OAuth Bearer 授权策略的问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！