.NET 核心 6.0 智威汤逊 returns 400
.NET Core 6.0 JWT returns 400
我正在使用 postman 测试新的 C# Web API 但我执行的每个请求 returns 400 甚至传递了我在登录请求时获得的不记名令牌(工作正常) .下面我展示我的代码。
CardController.cs
using CoreBusiness;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
// For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860
namespace WebApi.Controllers
{
[Authorize]
[Route("/")]
[ApiController]
public class CardController : ControllerBase
{
private readonly IJwtAuthenticationManager jwtAuthenticationManager;
public CardController(IJwtAuthenticationManager jwtAuthenticationManager)
{
this.jwtAuthenticationManager = jwtAuthenticationManager;
}
// GET: api/<CardController>
[HttpGet]
[Route("cards")]
public IEnumerable<string> Get()
{
return new string[] { "value1", "value2" };
}
// GET api/<CardController>/5
[HttpGet("{id}")]
public string Get(int id)
{
return "value";
}
// POST api/<CardController>
[HttpPost]
public void Post([FromBody] string value)
{
}
// PUT api/<CardController>/5
[HttpPut("{id}")]
public void Put(int id, [FromBody] string value)
{
}
// DELETE api/<CardController>/5
[HttpDelete("{id}")]
public void Delete(int id)
{
}
[AllowAnonymous]
[HttpPost("login")]
public IActionResult Login([FromBody] UserLoginDto userLoginDto)
{
var token = jwtAuthenticationManager.Login(userLoginDto.Login, userLoginDto.Senha);
if (token == null)
return Unauthorized();
else
return Ok(token);
}
}
}
我的JwtAuthenticationManager.cs
using CoreBusiness;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
namespace WebApi
{
public class JwtAuthenticationManager : IJwtAuthenticationManager
{
private readonly List<UserLoginDto> users = new List<UserLoginDto>
{
new UserLoginDto() { Login = "login", Senha = "pass" }
};
private readonly string key;
public JwtAuthenticationManager(string key)
{
this.key = key;
}
public string Login(string userName, string password)
{
if (!users.Any(f => f.Login == userName && f.Senha == password))
{
return null;
}
var tokenHandler = new JwtSecurityTokenHandler();
var tokenKey = Encoding.ASCII.GetBytes(key);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] {
new Claim(ClaimTypes.Name, userName)
}),
Expires = DateTime.UtcNow.AddHours(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(tokenKey),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
}
}
}
我的Pogram.cs
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Text;
using WebApi;
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services.AddControllers();
var key = "my secret test key with minimum characters";
builder.Services.AddSingleton<IJwtAuthenticationManager>(new JwtAuthenticationManager(key));
builder.Services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(key)),
ValidateIssuer = false,
ValidateAudience = false
};
});
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
你能帮帮我吗?我已经尝试更改授权和身份验证的行位置。
其实我没主意了。
谢谢
API控制器不支持REST,只支持属性路由。所以我推荐你
[Route("[controller]/[action]/")]
[ApiController]
public class CardController : ControllerBase
[HttpGet("~/cards")]
public IEnumerable<string> Get()
{
return new string[] { "value1", "value2" };
}
// GET api/<CardController>/5
[HttpGet("~/cards/get/{id}")] // or "~/api/cards/get/{id}"
public string Get(int id)
{
return "value";
}
... and so on
我正在使用 postman 测试新的 C# Web API 但我执行的每个请求 returns 400 甚至传递了我在登录请求时获得的不记名令牌(工作正常) .下面我展示我的代码。
CardController.cs
using CoreBusiness;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
// For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860
namespace WebApi.Controllers
{
[Authorize]
[Route("/")]
[ApiController]
public class CardController : ControllerBase
{
private readonly IJwtAuthenticationManager jwtAuthenticationManager;
public CardController(IJwtAuthenticationManager jwtAuthenticationManager)
{
this.jwtAuthenticationManager = jwtAuthenticationManager;
}
// GET: api/<CardController>
[HttpGet]
[Route("cards")]
public IEnumerable<string> Get()
{
return new string[] { "value1", "value2" };
}
// GET api/<CardController>/5
[HttpGet("{id}")]
public string Get(int id)
{
return "value";
}
// POST api/<CardController>
[HttpPost]
public void Post([FromBody] string value)
{
}
// PUT api/<CardController>/5
[HttpPut("{id}")]
public void Put(int id, [FromBody] string value)
{
}
// DELETE api/<CardController>/5
[HttpDelete("{id}")]
public void Delete(int id)
{
}
[AllowAnonymous]
[HttpPost("login")]
public IActionResult Login([FromBody] UserLoginDto userLoginDto)
{
var token = jwtAuthenticationManager.Login(userLoginDto.Login, userLoginDto.Senha);
if (token == null)
return Unauthorized();
else
return Ok(token);
}
}
}
我的JwtAuthenticationManager.cs
using CoreBusiness;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
namespace WebApi
{
public class JwtAuthenticationManager : IJwtAuthenticationManager
{
private readonly List<UserLoginDto> users = new List<UserLoginDto>
{
new UserLoginDto() { Login = "login", Senha = "pass" }
};
private readonly string key;
public JwtAuthenticationManager(string key)
{
this.key = key;
}
public string Login(string userName, string password)
{
if (!users.Any(f => f.Login == userName && f.Senha == password))
{
return null;
}
var tokenHandler = new JwtSecurityTokenHandler();
var tokenKey = Encoding.ASCII.GetBytes(key);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] {
new Claim(ClaimTypes.Name, userName)
}),
Expires = DateTime.UtcNow.AddHours(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(tokenKey),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
}
}
}
我的Pogram.cs
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Text;
using WebApi;
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services.AddControllers();
var key = "my secret test key with minimum characters";
builder.Services.AddSingleton<IJwtAuthenticationManager>(new JwtAuthenticationManager(key));
builder.Services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(key)),
ValidateIssuer = false,
ValidateAudience = false
};
});
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
你能帮帮我吗?我已经尝试更改授权和身份验证的行位置。
其实我没主意了。
谢谢
API控制器不支持REST,只支持属性路由。所以我推荐你
[Route("[controller]/[action]/")]
[ApiController]
public class CardController : ControllerBase
[HttpGet("~/cards")]
public IEnumerable<string> Get()
{
return new string[] { "value1", "value2" };
}
// GET api/<CardController>/5
[HttpGet("~/cards/get/{id}")] // or "~/api/cards/get/{id}"
public string Get(int id)
{
return "value";
}
... and so on