在.NET Core 2.0中设置JWT身份验证
[英]Setting up JWT authentication in .NET core 2.0
问题描述
I'm in the process of migrating existing .NET core 1.1.4 code over to .NET core 2.0. 
我正在将现有的.NET Core 1.1.4代码迁移到.NET Core 2.0。 It looks like we have to change it so that we add the authentication as a service in ConfigureService() instead of in the Configure() function. 看来我们必须对其进行更改,以便将身份验证作为服务添加到ConfigureService()而不是在Configure()函数中。
We're currently using the following properties: 我们目前正在使用以下属性:
-
AutomaticAuthenticate -
AutomaticChallenge -
TokenValidationParameters.IssuerSigningKey -
TokenValidationParameters.ValidAudence -
TokenValidationParameters.ValidateIssuerSigningKey -
TokenValidationParameters.ValidateLifetime -
TokenValidationParameters.ValidIssuer
In the migration docs, the AddJwtBearer() has an options parameter with audience so thats what I used. 在迁移文档中, AddJwtBearer()在受众群体中有一个options参数,这就是我所使用的。 However, I checked the interface of the options class and there doesn't seem to be any of the other values I need. 但是,我检查了options类的接口,似乎没有其他需要的值。 However, There is a TokenValidationParameters property. 但是,没有TokenValidationParameters属性。 Can I just instantiate the same token I have now and use that? 我可以实例化我现在拥有的相同令牌并使用它吗?
1.1.4 version: 1.1.4版本:
app.UseAuthentication(new JwtBearerOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true,
TokenValidationParameters = new TokenValidationParameters
{
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("AppConfiguration:Key").Value)),
ValidAudience = Configuration.GetSection("AppConfiguration:SiteUrl").Value,
ValidateIssuerSigningKey = true,
ValidateLifetime = true,
ValidIssuer = Configuration.GetSection("AppConfiguration:SiteUrl").Value
}
});
2.0.0 version: 2.0.0版本:
services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
var siteUrl = Configuration.GetSection("AppConfiguration:SiteUrl").Value;
options.Audience = siteUrl;
options.Authority = siteUrl;
options.TokenValidationParameters = new TokenValidationParameters
{
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("AppConfiguration:Key").Value)),
ValidateIssuerSigningKey = true,
ValidateLifetime = true,
ValidIssuer = Configuration.GetSection("AppConfiguration:SiteUrl").Value,
};
});
Does AutomaticAuthenticate and AutomaticChallenge become: AutomaticAuthenticate和AutomaticChallenge是否变为:
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme);
1 个解决方案
解决方案1
1 已采纳 2018-04-10 04:26:10
You're right, the AutomaticAuthenticate and AutomaticChallenge properties are gone in ASP.NET Core 2.0. 没错,ASP.NET Core 2.0中的AutomaticAuthenticate和AutomaticChallenge属性都消失了。
They're replaced by this overload of the AddAuthentication method in which you can specify the default authentication scheme. 它们被AddAuthentication方法的重载代替,您可以在其中指定默认的身份验证方案。
The ASP.NET Core 1.x to ASP.NET Core 2.0 migration docs cover this. 从ASP.NET Core 1.x到ASP.NET Core 2.0的迁移文档涵盖了这一点。
Doing so means that, on every request, the authentication handler associated with the scheme (in your case, the JWT bearer token handler) will be run to try to authenticate the request. 这样做意味着在每个请求上,将运行与该方案关联的身份验证处理程序(在您的情况下,是JWT承载令牌处理程序)以尝试对请求进行身份验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.