不记名令牌不适用于我的 WebAPI 授权属性角色,用户名为空
bearer token is not working with my Authorize Attribute Roles with WebAPI, Username is null
- 我可以登录并通过 Postman http://localhost:58507/token 获取令牌密钥
- 我可以只用[授权]属性
调用一个api
- 但是当我设置角色时 [Authorize(Roles= "Admin")] 我得到这个服务器内部错误:
"Message": "An error has occurred.",
"ExceptionMessage": "Value cannot be null. Parameter name: username",
"ExceptionType": "System.ArgumentNullException",
"StackTrace": "at System.Web.Util.SecUtility.CheckParameter(String& param, Boolean checkForNull, Boolean checkIfEmpty, Boolean checkForCommas, Int32 maxSize, String paramName)
这是我的代码:
- AuthorizeAttribute Class:
public class AuthorizeAttribute : System.Web.Http.AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
if (!HttpContext.Current.User.Identity.IsAuthenticated)
base.HandleUnauthorizedRequest(actionContext);
else
actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
}
}
- OAuthAuthorizationServerProvider Class :
public class MyOAuthProvider : OAuthAuthorizationServerProvider
{
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.Validated();
}
public override async Task GrantResourceOwnerCredentials(
OAuthGrantResourceOwnerCredentialsContext context)
{
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
string username = context.UserName;
string password = context.Password;
if (Membership.ValidateUser(username, password))
{
using (var ee = new DBEntities())
{
MembershipUser mu = Membership.GetUser(username);
Guid guid = (Guid)mu.ProviderUserKey;
string roles = string.Join(",", Roles.GetRolesForUser(username));
identity.AddClaim(new Claim(ClaimTypes.Role, roles));
identity.AddClaim(new Claim("username", username));
context.Validated(identity);
}
}
else
{
context.SetError("Login Field", "Error username or password");
}
}
}
我在以下位置找到了解决方案:这个 post
问题出在这一行
identity.AddClaim(new Claim("username", username));
我把"username"改成ClaimTypes.Name
identity.AddClaim(new Claim(ClaimTypes.Name, username));
- 我可以登录并通过 Postman http://localhost:58507/token 获取令牌密钥
- 我可以只用[授权]属性 调用一个api
- 但是当我设置角色时 [Authorize(Roles= "Admin")] 我得到这个服务器内部错误:
"Message": "An error has occurred.",
"ExceptionMessage": "Value cannot be null. Parameter name: username",
"ExceptionType": "System.ArgumentNullException",
"StackTrace": "at System.Web.Util.SecUtility.CheckParameter(String& param, Boolean checkForNull, Boolean checkIfEmpty, Boolean checkForCommas, Int32 maxSize, String paramName)
这是我的代码:
- AuthorizeAttribute Class:
public class AuthorizeAttribute : System.Web.Http.AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
if (!HttpContext.Current.User.Identity.IsAuthenticated)
base.HandleUnauthorizedRequest(actionContext);
else
actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
}
}
- OAuthAuthorizationServerProvider Class :
public class MyOAuthProvider : OAuthAuthorizationServerProvider
{
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.Validated();
}
public override async Task GrantResourceOwnerCredentials(
OAuthGrantResourceOwnerCredentialsContext context)
{
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
string username = context.UserName;
string password = context.Password;
if (Membership.ValidateUser(username, password))
{
using (var ee = new DBEntities())
{
MembershipUser mu = Membership.GetUser(username);
Guid guid = (Guid)mu.ProviderUserKey;
string roles = string.Join(",", Roles.GetRolesForUser(username));
identity.AddClaim(new Claim(ClaimTypes.Role, roles));
identity.AddClaim(new Claim("username", username));
context.Validated(identity);
}
}
else
{
context.SetError("Login Field", "Error username or password");
}
}
}
我在以下位置找到了解决方案:这个 post
问题出在这一行
identity.AddClaim(new Claim("username", username));
我把"username"改成ClaimTypes.Name
identity.AddClaim(new Claim(ClaimTypes.Name, username));