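I want to configure JWT authentication and Microsoft Identity authentication in the Startup class of an ASP.NET Core Web API. When I use the code below, it shows the error that the scheme already exists: Bearer.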
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers().AddNewtonsoftJson();
    var jwtTokenConfig = Configuration.GetSection("JwtToken").Get<JwtConfiguration>();
    var scope = "api://4590ab01-d5b1-42af-ab22-5ad0215ad3b4";
    var audience = new List<string>
    {
        $"{scope}"
    };
    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.RequireHttpsMetadata = true;
            options.SaveToken = true;
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidIssuer = jwtTokenConfig.Issuer,
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtTokenConfig.Secret)),
                ValidAudience = jwtTokenConfig.Audience,
                ValidateAudience = true,
                ValidateLifetime = true,
                ClockSkew = TimeSpan.FromMinutes(1)
            };
        })
        .AddJwtBearer("AzureAd", options =>
            options.TokenValidationParameters = new TokenValidationParameters()
            {
                ValidAudiences = audience,
                ValidIssuers = new List<string>
                {
                    $"https://sts.windows.net/eb971100-6f99-4bdc-8611-1bc8edd7f436",
                    $"https://sts.windows.net/eb971100-6f99-4bdc-8611-1bc8edd7f436/v2.0"
                }
            })
        .AddMicrosoftIdentityWebApi(Configuration);
    services.AddAuthorization(options =>
    {
        var defaultAuthorizationPolicyBuilder = new AuthorizationPolicyBuilder(
            JwtBearerDefaults.AuthenticationScheme, "AzureAd");
        defaultAuthorizationPolicyBuilder = defaultAuthorizationPolicyBuilder.RequireAuthenticatedUser();
        options.DefaultPolicy = defaultAuthorizationPolicyBuilder.Build();
    });
}
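Posted on 2022-04-29 01:35:56
You are adding both AddJwtBearer() and AddMicrosoftIdentityWebApi() to services.AddAuthentication(). Check the source code of AddMicrosoftIdentityWebApi() and you will find that it has a parameter string jwtBearerScheme = "Bearer". If you don't change it, it will conflict with AddJwtBearer(), so you just need to give it a new name: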
.AddMicrosoftIdentityWebApi(Configuration, "AzureAd", "{new name}");
And it will work fine.
"AzureAd" is the default value; you don't need to change it.
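The rename described in the answer above, written out as a complete registration. This is an added example, not code from the original thread; the class AuthSetup, the method AddDualJwtAuth and the scheme name "AzureAdBearer" are hypothetical, and the "JwtToken" and "AzureAd" configuration sections are assumed to exist.

```csharp
using System;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;
using Microsoft.IdentityModel.Tokens;

public static class AuthSetup
{
    // Hypothetical scheme name; any value not already registered works.
    public const string AzureAdScheme = "AzureAdBearer";

    public static void AddDualJwtAuth(this IServiceCollection services, IConfiguration config)
    {
        // Assumed keys: JwtToken:Issuer, JwtToken:Audience, JwtToken:Secret.
        var jwt = config.GetSection("JwtToken");

        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            // Scheme "Bearer": tokens issued and signed by this application.
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,
                    ValidIssuer = jwt["Issuer"],
                    ValidateAudience = true,
                    ValidAudience = jwt["Audience"],
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwt["Secret"])),
                    ValidateLifetime = true,
                    ClockSkew = TimeSpan.FromMinutes(1)
                };
            })
            // Third argument replaces the default jwtBearerScheme = "Bearer",
            // so this handler no longer collides with the one above.
            .AddMicrosoftIdentityWebApi(config, "AzureAd", AzureAdScheme);

        services.AddAuthorization(options =>
        {
            // List both schemes: a request passes if either handler authenticates it.
            options.DefaultPolicy = new AuthorizationPolicyBuilder(
                    JwtBearerDefaults.AuthenticationScheme, AzureAdScheme)
                .RequireAuthenticatedUser()
                .Build();
        });
    }
}
```

Only the default scheme runs automatically, so the renamed scheme has to be named in the policy (or in [Authorize(AuthenticationSchemes = ...)]) for Azure AD tokens to be accepted.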
Posted on 2022-04-27 07:29:48
Here is the setup and configuration of JWT in an ASP.NET Core application.
services.AddAuthorization(options =>
{
    options.AddPolicy(RoleStrings.Admin, policy => policy.RequireRole(RoleStrings.Admin));
});
services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(configuration.GetSection("JWT:SecretKey").Value)),
        ValidateIssuer = false,
        ValidateAudience = false,
        RequireExpirationTime = false,
        ValidateLifetime = true
    };
});
https://stackoverflow.com/questions/72023888