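Validating an API in .NET Core with Ping Identity OAuth 2.0

Problem description

Problem statement: I want to secure an API using Ping Identity OAuth 2.0. I am following this blog, but I am getting a 401.

I configured the details provided by the Ping Identity team in the Postman tool using OAuth 2.0, and I am able to generate a token, but when I copy and paste it and send it as a Bearer token, I get a 401 from the API.

I suspect I may have provided the wrong callback URL. If my API URL is http://web.abc.com/_api/home/userinfo, what should my callback URL be?

Note: I am not using this solution in a browser; I am trying to secure the API directly. My approach itself may be incorrect. If there is a better solution, please let me know.

Edit:

Startup.cs looks like this: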

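using System;
using System.Security.Cryptography.X509Certificates;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.SpaServices.ReactDevelopmentServer;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Tokens;

public class Startup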
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {

        string x509PublicCert = @"XXXXXXXXXXX";

        var byteCert = Convert.FromBase64String(x509PublicCert);
        var x509Cert = new X509Certificate2(byteCert);
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.Audience = "http://localhost:65180/";//Configuration["Audience"]; //"http://localhost:9000/";
                options.Authority = "https://myloginqa.xyz.com:8080/"; //Configuration["Authority"]; // "https://idp.yourcompany.com:5000/";
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    // Validate the JWT Audience
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new X509SecurityKey(x509Cert),
                    ValidateIssuer = true,
                    ValidIssuer = "myloginqa.xyz.com", //Configuration["Issuer"], //idp.yourcompany.com
                    ValidateAudience = false,
                    ValidateLifetime = true,
                    // If you want to allow a certain amount of clock drift, set that here:
                    ClockSkew = TimeSpan.Zero
                };
            });

        services.AddControllersWithViews();

        // In production, the React files will be served from this directory
        services.AddSpaStaticFiles(configuration =>
        {
            configuration.RootPath = "ClientApp/build";
        });
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Error");
        }

        app.UseStaticFiles();
        app.UseSpaStaticFiles();
        
        
        app.UseRouting();
        
        app.UseCookiePolicy();
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseCors("CorsApi");
        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllerRoute(
                name: "default",
                pattern: "{controller}/{action=Index}/{id?}");
        });

        app.UseSpa(spa =>
        {
            spa.Options.SourcePath = "ClientApp";

            if (env.IsDevelopment())
            {
                spa.UseReactDevelopmentServer(npmScript: "start");
            }
        });
    }
}

The controller looks like this:

[EnableCors("CorsApi")]
//[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
[Authorize]
[ApiController]
[Route("[controller]")]
public class WeatherForecastController : ControllerBase
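
Added example (not part of the original question, and not code from Ping Identity or the referenced blog): a console check that decodes a token's payload without verifying its signature and lists the claims that differ from what the TokenValidationParameters in the Startup.cs above expect. TokenClaimCheck, Check and the sample token are hypothetical and constructed for illustration; passing a null audience mirrors ValidateAudience = false.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.Json;

public static class TokenClaimCheck
{
    // Decode one base64url JWT segment (RFC 7515: URL-safe alphabet, padding stripped).
    static JsonElement DecodeSegment(string segment)
    {
        string b64 = segment.Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        return JsonDocument.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(b64))).RootElement.Clone();
    }

    // Lists claim mismatches against the configured validation values. The signature is
    // NOT verified: this is a diagnostic aid only, never an authorization decision.
    public static List<string> Check(string jwt, string expectedIssuer, string expectedAudience, DateTimeOffset now)
    {
        var problems = new List<string>();
        string[] parts = jwt.Split('.');
        if (parts.Length != 3) { problems.Add("not a compact JWS (opaque access token?)"); return problems; }
        JsonElement payload = DecodeSegment(parts[1]);
        string iss = payload.TryGetProperty("iss", out var i) ? i.GetString() : null;
        if (iss != expectedIssuer) problems.Add($"iss '{iss}' != ValidIssuer '{expectedIssuer}'");
        // "aud" may be one string or an array; skipped when null (ValidateAudience = false).
        if (expectedAudience != null)
        {
            var auds = !payload.TryGetProperty("aud", out var a) ? new List<string>()
                : a.ValueKind == JsonValueKind.Array ? a.EnumerateArray().Select(x => x.GetString()).ToList()
                : new List<string> { a.GetString() };
            if (!auds.Contains(expectedAudience)) problems.Add($"aud [{string.Join(",", auds)}] lacks '{expectedAudience}'");
        }
        // ClockSkew is TimeSpan.Zero in the configuration above, so there is no grace period.
        if (payload.TryGetProperty("exp", out var e) && e.TryGetInt64(out long exp) && DateTimeOffset.FromUnixTimeSeconds(exp) <= now)
            problems.Add($"token expired at {DateTimeOffset.FromUnixTimeSeconds(exp):u}");
        return problems;
    }

    public static void Main()
    {
        // Constructed sample token with a placeholder signature; claim values are made up.
        string Enc(string json) => Convert.ToBase64String(Encoding.UTF8.GetBytes(json)).TrimEnd('=').Replace('+', '-').Replace('/', '_');
        string jwt = Enc("{\"alg\":\"RS256\"}") + "." + Enc("{\"iss\":\"https://myloginqa.xyz.com:8080\",\"aud\":\"api\",\"exp\":1}") + ".sig";
        foreach (string p in Check(jwt, "myloginqa.xyz.com", null, DateTimeOffset.UtcNow))
            Console.WriteLine(p);
    }
}
```

The issuer comparison is an exact string match, so scheme, port and a trailing slash all count.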
