ASP.NET core - 如何添加多种认证方案
ASP.NET core - How to add multiple authentication schemes
我的应用是一个集成了Openiddict的MVC,我也想补充一些API。问题是当我尝试从客户端发送请求时,无法识别经过身份验证的客户端。为了解决这个问题,我将“授权”属性更改为:
[Authorize(AuthenticationSchemes = OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme)]
之后,不允许从 MVC 页面向 API 请求。
如何解决?有没有办法在不更改“授权”属性的情况下解决此问题?
规格:
asp.net core .NET5, Openiddict 3
控制台日志(从 MVC 页面请求到具有特殊授权属性的 API):
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2 GET https://localhost:5001/api/MyApitest - -
dbug: OpenIddict.Server.OpenIddictServerDispatcher[0]
The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+InferEndpointType.
dbug: OpenIddict.Server.OpenIddictServerDispatcher[0]
The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+InferIssuerFromHost.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessRequestContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+InferIssuerFromHost.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromAuthorizationHeader.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromBodyForm.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromQueryString.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateToken.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was marked as rejected by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateToken.
dbug: OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandler[9]
AuthenticationScheme: OpenIddict.Validation.AspNetCore was not authenticated.
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed. These requirements were not met:
DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachHostChallengeError.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+AttachDefaultChallengeError.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachHttpResponseCode`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachCacheControlHeader`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachWwwAuthenticateHeader`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
info: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The response was successfully returned as a challenge response: {
"error": "missing_token",
"error_description": "The security token is missing.",
"error_uri": "https://documentation.openiddict.com/errors/ID2000"
}.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ProcessChallengeErrorResponse`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was marked as handled by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ProcessChallengeErrorResponse`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
info: OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandler[12]
AuthenticationScheme: OpenIddict.Validation.AspNetCore was challenged.
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished HTTP/2 GET https://localhost:5001/api/MyApitest - - - 401 0 - 133.4335ms
如果您在 API 控制器上使用带有 Asp.Net Core Identity 的身份验证,并且还想使用 openiddict 进行 OAuth 身份验证,您可以同时使用这两种身份验证方案,例如
[Authorize(AuthenticationSchemes = "Identity.Application," + OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme)]
我的应用是一个集成了Openiddict的MVC,我也想补充一些API。问题是当我尝试从客户端发送请求时,无法识别经过身份验证的客户端。为了解决这个问题,我将“授权”属性更改为:
[Authorize(AuthenticationSchemes = OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme)]
之后,不允许从 MVC 页面向 API 请求。
如何解决?有没有办法在不更改“授权”属性的情况下解决此问题?
规格:
asp.net core .NET5, Openiddict 3
控制台日志(从 MVC 页面请求到具有特殊授权属性的 API):
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2 GET https://localhost:5001/api/MyApitest - -
dbug: OpenIddict.Server.OpenIddictServerDispatcher[0]
The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+InferEndpointType.
dbug: OpenIddict.Server.OpenIddictServerDispatcher[0]
The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+InferIssuerFromHost.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessRequestContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+InferIssuerFromHost.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromAuthorizationHeader.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromBodyForm.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ExtractAccessTokenFromQueryString.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateToken.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessAuthenticationContext was marked as rejected by OpenIddict.Validation.OpenIddictValidationHandlers+ValidateToken.
dbug: OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandler[9]
AuthenticationScheme: OpenIddict.Validation.AspNetCore was not authenticated.
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed. These requirements were not met:
DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachHostChallengeError.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers+AttachDefaultChallengeError.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachHttpResponseCode`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachCacheControlHeader`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+AttachWwwAuthenticateHeader`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
info: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The response was successfully returned as a challenge response: {
"error": "missing_token",
"error_description": "The security token is missing.",
"error_uri": "https://documentation.openiddict.com/errors/ID2000"
}.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ProcessChallengeErrorResponse`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext was marked as handled by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ProcessChallengeErrorResponse`1[[OpenIddict.Validation.OpenIddictValidationEvents+ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
info: OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandler[12]
AuthenticationScheme: OpenIddict.Validation.AspNetCore was challenged.
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished HTTP/2 GET https://localhost:5001/api/MyApitest - - - 401 0 - 133.4335ms
如果您在 API 控制器上使用带有 Asp.Net Core Identity 的身份验证,并且还想使用 openiddict 进行 OAuth 身份验证,您可以同时使用这两种身份验证方案,例如
[Authorize(AuthenticationSchemes = "Identity.Application," + OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme)]