MetadataAddress 或 Authority 必须使用 HTTPS,除非通过设置 RequireHttpsMetadata=false 禁用开发
The MetadataAddress or Authority must use HTTPS unless disabled for development by setting RequireHttpsMetadata=false
网络核心应用。我添加了 azure 广告身份验证。下面是我的 startup.cs 文件
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = true;
options.Authority = $"{authSettings.Authority}/{authSettings.TenantId}";
options.Audience = authSettings.ClientId;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuer = true,
ValidateIssuerSigningKey = false,
ValidateActor = false,
};
});
我已经将应用程序部署到 Azure 应用程序服务。它部署成功。我打开 swagger 并进行身份验证并尝试点击 api。它抛出 500 错误。我去了 azure 应用服务日志流。它向我显示以下错误消息。
/appsvctmp/volatile/logs/runtime/0ad1b1161bafbb0b8662db769e40eca0226d3d1d7d4737bdbe13f88e8a4f089b.log
2020-07-18T03:48:32.615339369Z: [INFO] Hosting environment: Production
2020-07-18T03:48:32.615384568Z: [INFO] Content root path: /app
2020-07-18T03:48:32.616251458Z: [INFO] Now listening on: http://[::]:8081
2020-07-18T03:48:32.616952250Z: [INFO] Application started. Press Ctrl+C to shut down.
/appsvctmp/volatile/logs/runtime/f342b472edabea44dc320f2bfa84254b92f9d5ddb433c5d248c4cae636eecd28.log
2020-07-18T05:04:03.313150755Z: [INFO] Hosting environment: Production
2020-07-18T05:04:03.313765848Z: [INFO] Content root path: /app
2020-07-18T05:04:03.314598838Z: [INFO] Now listening on: http://[::]:8081
2020-07-18T05:04:03.315059032Z: [INFO] Application started. Press Ctrl+C to shut down.
Ending Log Tail of existing logs ---
Starting Live Log Stream ---
2020-07-18T05:12:23 No new trace in the past 1 min(s).
2020-07-18T05:13:23 No new trace in the past 2 min(s).
2020-07-18T05:13:39.265412299Z: [INFO] [41m[30mfail[39m[22m[49m: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
2020-07-18T05:13:39.265449199Z: [INFO] An unhandled exception has occurred while executing the request.
2020-07-18T05:13:39.265456199Z: [INFO] System.InvalidOperationException: The MetadataAddress or Authority must use HTTPS unless disabled for development by setting RequireHttpsMetadata=false.
2020-07-18T05:13:39.265461099Z: [INFO] at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerPostConfigureOptions.PostConfigure(String name, JwtBearerOptions options)
2020-07-18T05:13:39.265465899Z: [INFO] at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
2020-07-18T05:13:39.265470499Z: [INFO] at Microsoft.Extensions.Options.OptionsMonitor`1.<>c__DisplayClass11_0.<Get>b__0()
2020-07-18T05:13:39.265475899Z: [INFO] at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
2020-07-18T05:13:39.265480298Z: [INFO] --- End of stack trace from previous location where exception was thrown ---
2020-07-18T05:13:39.265484698Z: [INFO] at System.Lazy`1.CreateValue()
2020-07-18T05:13:39.265489098Z: [INFO] at System.Lazy`1.get_Value()
2020-07-18T05:13:39.265493798Z: [INFO] at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
2020-07-18T05:13:39.265498198Z: [INFO] at Microsoft.Extensions.Options.OptionsMonitor`1.Get(String name)
2020-07-18T05:13:39.265502598Z: [INFO] at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.InitializeAsync(AuthenticationScheme scheme, HttpContext context)
2020-07-18T05:13:39.265507098Z: [INFO] at Microsoft.AspNetCore.Authentication.AuthenticationHandlerProvider.GetHandlerAsync(HttpContext context, String authenticationScheme)
2020-07-18T05:13:39.265511698Z: [INFO] at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
2020-07-18T05:13:39.265516198Z: [INFO] at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
2020-07-18T05:13:39.265520598Z: [INFO] at SGRE.SiteEnrichment.WebApi.Startup.<>c.<<Configure>b__5_2>d.MoveNext() in d:\a\s\src\app\SGRE.SiteEnrichment.WebApi\Startup.cs:line 211
2020-07-18T05:13:39.265526198Z: [INFO] --- End of stack trace from previous location where exception was thrown ---
2020-07-18T05:13:39.265530698Z: [INFO] at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
2020-07-18T05:13:39.265535098Z: [INFO] at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
2020-07-18T05:13:39.265539498Z: [INFO] at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
2020-07-18T05:13:39.265544798Z: [INFO] at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
我已在应用服务应用设置配置中将 AzureAd:Authority 设置为 https://login.microsoftonline.com/。有人可以帮我理解这个问题吗?任何帮助将不胜感激。谢谢
您可以通过将 JwtBearerOptions.RequireHttpsMetadata 添加到 false 作为 ConfigureServices[=13 来消除此错误=]
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
options.Authority = Configuration["Auth0:Authority"];
options.Audience = Configuration["Auth0:Audience"];
options.RequireHttpsMetadata = false;
});
}
您可以简单地为 Audience 和 Authority 选择 https 端点。
以本地为例。
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => {
options.Audience = "https://localhost:5001/";
options.Authority = "https://localhost:5000/";
});
...
}
在我的例子中,JwtBearer 选项的“Authority”属性中只是简单的 http 而不是 https,
options.Authority = "https://localhost:5005";
FWIW:我花了一个小时没有找到 url 中的前导 space。
options.Authority = " https://localhost:5005";
^
网络核心应用。我添加了 azure 广告身份验证。下面是我的 startup.cs 文件
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = true;
options.Authority = $"{authSettings.Authority}/{authSettings.TenantId}";
options.Audience = authSettings.ClientId;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuer = true,
ValidateIssuerSigningKey = false,
ValidateActor = false,
};
});
我已经将应用程序部署到 Azure 应用程序服务。它部署成功。我打开 swagger 并进行身份验证并尝试点击 api。它抛出 500 错误。我去了 azure 应用服务日志流。它向我显示以下错误消息。
/appsvctmp/volatile/logs/runtime/0ad1b1161bafbb0b8662db769e40eca0226d3d1d7d4737bdbe13f88e8a4f089b.log
2020-07-18T03:48:32.615339369Z: [INFO] Hosting environment: Production
2020-07-18T03:48:32.615384568Z: [INFO] Content root path: /app
2020-07-18T03:48:32.616251458Z: [INFO] Now listening on: http://[::]:8081
2020-07-18T03:48:32.616952250Z: [INFO] Application started. Press Ctrl+C to shut down.
/appsvctmp/volatile/logs/runtime/f342b472edabea44dc320f2bfa84254b92f9d5ddb433c5d248c4cae636eecd28.log
2020-07-18T05:04:03.313150755Z: [INFO] Hosting environment: Production
2020-07-18T05:04:03.313765848Z: [INFO] Content root path: /app
2020-07-18T05:04:03.314598838Z: [INFO] Now listening on: http://[::]:8081
2020-07-18T05:04:03.315059032Z: [INFO] Application started. Press Ctrl+C to shut down.
Ending Log Tail of existing logs ---
Starting Live Log Stream ---
2020-07-18T05:12:23 No new trace in the past 1 min(s).
2020-07-18T05:13:23 No new trace in the past 2 min(s).
2020-07-18T05:13:39.265412299Z: [INFO] [41m[30mfail[39m[22m[49m: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
2020-07-18T05:13:39.265449199Z: [INFO] An unhandled exception has occurred while executing the request.
2020-07-18T05:13:39.265456199Z: [INFO] System.InvalidOperationException: The MetadataAddress or Authority must use HTTPS unless disabled for development by setting RequireHttpsMetadata=false.
2020-07-18T05:13:39.265461099Z: [INFO] at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerPostConfigureOptions.PostConfigure(String name, JwtBearerOptions options)
2020-07-18T05:13:39.265465899Z: [INFO] at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
2020-07-18T05:13:39.265470499Z: [INFO] at Microsoft.Extensions.Options.OptionsMonitor`1.<>c__DisplayClass11_0.<Get>b__0()
2020-07-18T05:13:39.265475899Z: [INFO] at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
2020-07-18T05:13:39.265480298Z: [INFO] --- End of stack trace from previous location where exception was thrown ---
2020-07-18T05:13:39.265484698Z: [INFO] at System.Lazy`1.CreateValue()
2020-07-18T05:13:39.265489098Z: [INFO] at System.Lazy`1.get_Value()
2020-07-18T05:13:39.265493798Z: [INFO] at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
2020-07-18T05:13:39.265498198Z: [INFO] at Microsoft.Extensions.Options.OptionsMonitor`1.Get(String name)
2020-07-18T05:13:39.265502598Z: [INFO] at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.InitializeAsync(AuthenticationScheme scheme, HttpContext context)
2020-07-18T05:13:39.265507098Z: [INFO] at Microsoft.AspNetCore.Authentication.AuthenticationHandlerProvider.GetHandlerAsync(HttpContext context, String authenticationScheme)
2020-07-18T05:13:39.265511698Z: [INFO] at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
2020-07-18T05:13:39.265516198Z: [INFO] at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
2020-07-18T05:13:39.265520598Z: [INFO] at SGRE.SiteEnrichment.WebApi.Startup.<>c.<<Configure>b__5_2>d.MoveNext() in d:\a\s\src\app\SGRE.SiteEnrichment.WebApi\Startup.cs:line 211
2020-07-18T05:13:39.265526198Z: [INFO] --- End of stack trace from previous location where exception was thrown ---
2020-07-18T05:13:39.265530698Z: [INFO] at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
2020-07-18T05:13:39.265535098Z: [INFO] at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
2020-07-18T05:13:39.265539498Z: [INFO] at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
2020-07-18T05:13:39.265544798Z: [INFO] at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
我已在应用服务应用设置配置中将 AzureAd:Authority 设置为 https://login.microsoftonline.com/。有人可以帮我理解这个问题吗?任何帮助将不胜感激。谢谢
您可以通过将 JwtBearerOptions.RequireHttpsMetadata 添加到 false 作为 ConfigureServices[=13 来消除此错误=]
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
options.Authority = Configuration["Auth0:Authority"];
options.Audience = Configuration["Auth0:Audience"];
options.RequireHttpsMetadata = false;
});
}
您可以简单地为 Audience 和 Authority 选择 https 端点。 以本地为例。
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => {
options.Audience = "https://localhost:5001/";
options.Authority = "https://localhost:5000/";
});
...
}
在我的例子中,JwtBearer 选项的“Authority”属性中只是简单的 http 而不是 https,
options.Authority = "https://localhost:5005";
FWIW:我花了一个小时没有找到 url 中的前导 space。
options.Authority = " https://localhost:5005";
^