不记名令牌不适用于我的 WebAPI 授权属性角色,用户名为空

bearer token is not working with my Authorize Attribute Roles with WebAPI, Username is null

"Message": "An error has occurred.",

"ExceptionMessage": "Value cannot be null. Parameter name: username",

"ExceptionType": "System.ArgumentNullException",

"StackTrace": "at System.Web.Util.SecUtility.CheckParameter(String& param, Boolean checkForNull, Boolean checkIfEmpty, Boolean checkForCommas, Int32 maxSize, String paramName)

这是我的代码:


public class AuthorizeAttribute : System.Web.Http.AuthorizeAttribute
    {
        protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
        {
            if (!HttpContext.Current.User.Identity.IsAuthenticated)
                base.HandleUnauthorizedRequest(actionContext);
            else
                actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
        }
    }

public class MyOAuthProvider : OAuthAuthorizationServerProvider
{
    public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    {
        context.Validated();
    }

    public override async Task GrantResourceOwnerCredentials(
        OAuthGrantResourceOwnerCredentialsContext context)
    {
        var identity = new ClaimsIdentity(context.Options.AuthenticationType);
        string username = context.UserName;
        string password = context.Password;
        if (Membership.ValidateUser(username, password))
        {
            using (var ee = new DBEntities())
            {
                MembershipUser mu = Membership.GetUser(username);
                Guid guid = (Guid)mu.ProviderUserKey;
                string roles = string.Join(",", Roles.GetRolesForUser(username));
                identity.AddClaim(new Claim(ClaimTypes.Role, roles));
                identity.AddClaim(new Claim("username", username));
                context.Validated(identity);
            }
        }
        else
        {
            context.SetError("Login Field", "Error username or password");
        }
    }
}

我在以下位置找到了解决方案:这个 post
问题出在这一行

identity.AddClaim(new Claim("username", username));

我把"username"改成ClaimTypes.Name

identity.AddClaim(new Claim(ClaimTypes.Name, username));