始终获得“此请求已被拒绝授权。”消息

Question

I'm able to successfully retrieve token, but when trying to authenticate using the token I always get the Authorization has been denied for this request message. 我能够成功检索令牌，但是当尝试使用令牌进行身份验证时，我总是得到Authorization has been denied for this request消息的Authorization has been denied for this request 。

My Startup.cs file contains the following methods 我的Startup.cs文件包含以下方法

public void Configuration(IAppBuilder app)
{
    var config = new HttpConfiguration();
    WebApiConfig.Register(config);

    app.UseWebApi(config);

    ConfigureOAuth(app);

    var jsonFormatter = config.Formatters.OfType<JsonMediaTypeFormatter().First();
    jsonFormatter.SerializerSettings
                 .ContractResolver = new CamelCasePropertyNamesContractResolver();
}

private void ConfigureOAuth(IAppBuilder app)
{
    var oAuthServerOptions = new OAuthAuthorizationServerOptions()
    {
        AllowInsecureHttp = true,
        TokenEndpointPath = new PathString("/Token"),
        AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
        Provider = new DefaultAuthorizationServerProvider()
    };

    app.UseOAuthAuthorizationServer(oAuthServerOptions);
    app.UseOAuthBearerAuthentication(new   OAuthBearerAuthenticationOptions());
}

The DefaultAuthorizationServerProvider.cs class contains the following DefaultAuthorizationServerProvider.cs类包含以下内容

public class DefaultAuthorizationServerProvider : OAuthAuthorizationServerProvider
{
    public override async Task ValidateClientAuthentication
        (
        OAuthValidateClientAuthenticationContext context
        )
    {
        context.Validated();
    }

    public override async Task GrantResourceOwnerCredentials
        (
        OAuthGrantResourceOwnerCredentialsContext context
        )
    {
        context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

        var identityManager = new IdentityManager();

        var identity = identityManager.Get(context.UserName, context.Password,
            new IpAddressProvider().Provide(IpAddressType.Forwarding));

        if (identity == null)
        {
            context.SetError("invalid_grant", "Authentication failed. Please make sure you provided the correct username and password.");
        }
        else
        {
            identity.AddClaim(new Claim(ClaimTypes.Role, "User"));
            context.Validated(identity);
        }
    }
}

And the IdentityManager.cs class have the following IdentityManager.cs类具有以下内容

public class IdentityManager : IIdentityManager
{
    public virtual ClaimsIdentity Get
       (
       string username,
       string password,
       string ipAddress
       )
    {
        var authenticateUserWorkflowOutput = new AuthenticateUserWorkflowHelper().Execute
            (
                new AuthenticateUserWorkflowInput
                {
                    Username = username,
                    Password = password,
                    IpAddress = ipAddress
                },
                new AuthenticateUserWorkflowState()
            );

        if (authenticateUserWorkflowOutput.Message.Exception != null)
        {
            return null;
        }

        if (!authenticateUserWorkflowOutput.Authenticated)
        {
            return null;
        }

        return authenticateUserWorkflowOutput.User != null ? new Infrastructure.Identity(new[]
        {
            new Claim(ClaimTypes.Name, authenticateUserWorkflowOutput.MasterUser.EmailAddress), 
        }, "ApplicationCookie") : null;
    }
}

Using Fiddler I can successfully retrieve a token 使用Fiddler我可以成功检索令牌

在此输入图像描述

But when I try to authenticate using the token I get the following response 但是当我尝试使用令牌进行身份验证时，我得到以下响应

在此输入图像描述

Answer 1

Ok, I found the problem in my Startup class. 好的，我在Startup课程中发现了这个问题。 I was missing the following 我错过了以下内容

[assembly: OwinStartup(typeof(Yugasat.System.ServiceLayer.Startup))]
namespace Yugasat.System.ServiceLayer

and the ConfigureOAuth(app); 和ConfigureOAuth(app); call needed to be moved to the top of the Configuration method. 需要将调用移动到Configuration方法的顶部。 Below is my new Startup.cs class. 下面是我的新Startup.cs类。

[assembly: OwinStartup(typeof(Yugasat.System.ServiceLayer.Startup))]
namespace Yugasat.System.ServiceLayer
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            ConfigureOAuth(app);

            var config = new HttpConfiguration();
            WebApiConfig.Register(config);

            app.UseWebApi(config);

            var jsonFormatter = config.Formatters.OfType<JsonMediaTypeFormatter>().First();
            jsonFormatter.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
        }

        private void ConfigureOAuth(IAppBuilder app)
        {
            var oAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/Token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider = new DefaultAuthorizationServerProvider()
            };

            app.UseOAuthAuthorizationServer(oAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
    }
}

始终获得“此请求已被拒绝授权。”消息

问题描述

1 个解决方案

解决方案1
3 已采纳 2015-03-19 08:37:03

始终获得“此请求已被拒绝授权。”消息

问题描述

1 个解决方案

解决方案1 3 已采纳 2015-03-19 08:37:03

解决方案1
3 已采纳 2015-03-19 08:37:03