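How to resolve: AspNetCore API JWT token works in Postman but not with HttpClient

I am trying to call an API using HttpClient. When I call the API without [Authorize], I get all the information correctly. When I add the attribute, I do get a 401 Unauthorized error. Interestingly, when I call it from Postman with the Bearer token, it works fine.

I have seen some posts, and they say I have already added app.UseAuthorization(); before app.UseAuthentication();

Below is the code I use to call the API. What I noticed is that I am calling http://localhost:5000/api/accounts, but I receive the response from https://localhost:5001/api/accounts
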
    using System.Configuration;
    using System.Linq;
    using System.Net.Http;
    using System.Net.Http.Headers;
    using System.Threading;
    using System.Threading.Tasks;
    using Newtonsoft.Json;

    // Builds a client for the configured server and attaches the bearer token, if any.
    protected HttpClient CreateClient()
    {
        var client = new HttpClient { BaseAddress = new Uri(ConfigurationManager.AppSettings["ServerAddress"]) };
        if (_securityService.HasToken)
        {
            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", _securityService.Token);
        }
        return client;
    }

    // Issues a GET and deserializes the JSON body; returns default(T) on a non-success status.
    protected async Task<T> GetAsync<T>(string url, CancellationToken cancellationToken = default, params object[] parameters)
    {
        using var client = CreateClient();
        if (parameters.Any())
            url = string.Format(url, parameters);
        var response = await client.GetAsync(url, cancellationToken);
        if (response.IsSuccessStatusCode)
        {
            var stringContent = await response.Content.ReadAsStringAsync();
            return JsonConvert.DeserializeObject<T>(stringContent);
        }
        else
        {
            //Todo: Add Logger and log Result
            return default;
        }
    }

Response message

I have 2 questions here: why does this change the request URI, and can someone explain why this works in Postman but not with HttpClient?

    services.AddDefaultIdentity<ApplicationUser>()
        .AddRoles<IdentityRole>()
        .AddEntityFrameworkStores<SchedulerContext>()
        .AddDefaultTokenProviders();

    // JWT bearer is the default scheme for both authentication and challenge.
    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(options =>
    {
        var securityKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Constants.ConstantsToAddToSecrets.Seceret));
        options.RequireHttpsMetadata = false;
        options.SaveToken = true;
        // Only the signature is validated; issuer and audience checks are switched off.
        options.TokenValidationParameters = new TokenValidationParameters()
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = securityKey,
            ValidateIssuer = false,
            ValidateAudience = false
        };
    });

    services.AddAuthorization(options =>
    {
        options.DefaultPolicy =
            new AuthorizationPolicyBuilder(JwtBearerDefaults.AuthenticationScheme)
                .RequireAuthenticatedUser()
                .Build();
        options.AddPolicy(Roles.Manager, policy => policy.RequireClaim(Roles.Manager));
        options.AddPolicy(Roles.User, policy => policy.RequireClaim(Roles.User));
        options.AddPolicy(Roles.Admin, policy => policy.RequireClaim(Roles.Admin));
        options.InvokeHandlersAfterFailure = true;
    });

    services.Configure<IdentityOptions>(options =>
    {
        options.Password.RequireDigit = true;
        options.Password.RequireNonAlphanumeric = false;
        options.Password.RequireLowercase = false;
        options.Password.RequireUppercase = false;
        options.Password.RequiredLength = 6;
        options.User.RequireUniqueEmail = false;
        options.Tokens.AuthenticatorIssuer = ConstantsToAddToSecrets.Issuer;
    });
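
A diagnostic for the URI change described in the question, added here as an example and not part of the original post: it sends the same authenticated GET with automatic redirects switched off, so a redirect from the http address to the https one becomes visible. HttpClient's handler does not carry the Authorization header over when it follows a redirect automatically. The names RedirectProbe and ProbeAsync and the token placeholder are hypothetical, and the example assumes the URI change is an HTTP redirect.

```csharp
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;

// Hypothetical helper, not code from the question.
public static class RedirectProbe
{
    // Sends one authenticated GET with auto-redirect disabled and reports
    // whether the server answered with a redirect instead of the resource.
    public static async Task<string> ProbeAsync(Uri baseAddress, string path, string token)
    {
        // With AllowAutoRedirect = false a 3xx response is returned to the caller
        // instead of being followed silently without the Authorization header.
        using var handler = new HttpClientHandler { AllowAutoRedirect = false };
        using var client = new HttpClient(handler) { BaseAddress = baseAddress };
        client.DefaultRequestHeaders.Authorization =
            new AuthenticationHeaderValue("Bearer", token);

        using var response = await client.GetAsync(path);
        int status = (int)response.StatusCode;

        if (status >= 300 && status < 400 && response.Headers.Location != null)
        {
            // Location may be relative, so resolve it against the request URI.
            var target = new Uri(response.RequestMessage.RequestUri, response.Headers.Location);
            return $"{status}: redirected from {response.RequestMessage.RequestUri} to {target}; " +
                   "an automatically followed redirect would arrive without the bearer token";
        }

        return $"{status}: no redirect; the response came from {response.RequestMessage.RequestUri}";
    }

    public static async Task Main()
    {
        // Address and path are the ones quoted in the question; the token is a placeholder.
        var report = await ProbeAsync(
            new Uri("http://localhost:5000/"), "api/accounts", "<paste-token-here>");
        Console.WriteLine(report);
    }
}
```

If the probe reports a redirect, pointing the ServerAddress setting at the https address avoids the redirect and keeps the bearer token off plain http.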