JWT Bearer 不断返回 401 状态 - Bearer error="invalid_token", error_description="The signature is invalid"
JWT Bearer Keeps returning 401 Status - Bearer error="invalid_token", error_description="The signature is invalid"
我在我的 Web API 中实现了 Jwt Bearer,我成功获得了登录令牌。我 copy/paste 这个令牌用于授权,我收到
Bearer error="invalid_token", error_description="The signature is
invalid"
ValidIssuer 是 WebAPIUrl,部署在 Azure
ValidAudience 是 Angular 前端 URL,也部署在 Azure
我花了几个小时寻找问题,但似乎没有找到解决方案。
即使将 ValidateIssuer & -Audience 设置为 false,也无法解决问题。我是不是漏掉了什么或者你看到错误了吗?
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy("CorsPolicy", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod();
});
});
services.ConfigureIISIntegration();
services.ConfigureMsSqlContext(Configuration);
services.ConfigureRepositoryWrapper();
services.AddAuthentication(opt => {
opt.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
opt.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
opt.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidIssuer = Configuration["JWT:Issuer"],
ValidAudience = Configuration["JWT:Audience"],
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["JWT:Secret"]))
};
});
services.AddControllers();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseDeveloperExceptionPage();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCors("CorsPolicy");
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.All
});
app.UseAuthentication();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
我的问题的解决方案,可能很小但很详细
我忘记将授权属性放在我的请求方法之上
[HttpGet, Authorize]
public IActionResult GetMaterialDetails()
我在我的 Web API 中实现了 Jwt Bearer,我成功获得了登录令牌。我 copy/paste 这个令牌用于授权,我收到
Bearer error="invalid_token", error_description="The signature is invalid"
ValidIssuer 是 WebAPIUrl,部署在 Azure
ValidAudience 是 Angular 前端 URL,也部署在 Azure
我花了几个小时寻找问题,但似乎没有找到解决方案。
即使将 ValidateIssuer & -Audience 设置为 false,也无法解决问题。我是不是漏掉了什么或者你看到错误了吗?
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy("CorsPolicy", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod();
});
});
services.ConfigureIISIntegration();
services.ConfigureMsSqlContext(Configuration);
services.ConfigureRepositoryWrapper();
services.AddAuthentication(opt => {
opt.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
opt.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
opt.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidIssuer = Configuration["JWT:Issuer"],
ValidAudience = Configuration["JWT:Audience"],
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["JWT:Secret"]))
};
});
services.AddControllers();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseDeveloperExceptionPage();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCors("CorsPolicy");
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.All
});
app.UseAuthentication();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
我的问题的解决方案,可能很小但很详细
我忘记将授权属性放在我的请求方法之上
[HttpGet, Authorize]
public IActionResult GetMaterialDetails()