堆栈内存溢出
  简体   繁体   English

JWT 颁发者无效的 Asp.Net 核心

[英]JWT Issuer Invalid Asp.Net Core

 原文  2020-03-16 16:06:23       asp.net-core/ jwt

问题描述

My JWT isn't being validated because the issuer claim is failing and I don't know why Creating the token looks like this:我的 JWT 没有得到验证,因为颁发者声明失败了,我不知道为什么创建令牌看起来像这样:

            var key = Encoding.UTF8.GetBytes(_config["JWT:Secret"]);
            var signingCredentials = new SigningCredentials(
                new SymmetricSecurityKey(key), 
                SecurityAlgorithms.HmacSha256Signature);

            var token = new JwtSecurityToken(
               issuer: _config["JWT:Issuer"],
               claims: claims,
               notBefore: DateTime.Now,
               expires: DateTime.Now.AddMinutes(20),
               signingCredentials: signingCredentials
               );

and in my Startup.cs file I validate the token as such:在我的 Startup.cs 文件中,我验证令牌如下:

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
                {
                    options.IncludeErrorDetails = true;
                    options.RequireHttpsMetadata = false;
                    options.ClaimsIssuer = Configuration["JWT:Issuer"];
                    options.TokenValidationParameters = new TokenValidationParameters()
                    {
                        ValidateIssuerSigningKey = true,
                        IssuerSigningKey = new SymmetricSecurityKey(
                            Encoding.UTF8.GetBytes(Configuration["JWT:Secret"])),
                        // works when set to false
                        ValidateIssuer = true,
                        ValidateAudience = false,
                        ValidateLifetime = true
                    };
                });

So then why am I getting this error:那么为什么我会收到此错误:

Bearer error="invalid_token", error_description="The issuer 'LoggerApp' is invalid" Bearer error="invalid_token", error_description="颁发者'LoggerApp'无效"

note: _config and Configuration are the same dependency注意:_config 和 Configuration 是相同的依赖

1 个解决方案

解决方案1
 0 已采纳  2020-03-17 05:59:18

You should set ValidIssuer property of TokenValidationParameters to make sure issuer validation works :你应该设置ValidIssuer财产TokenValidationParameters以确保发行人确认工作:

ValidateIssuer = true,
ValidIssuer = Configuration["JWT:Issuer"],

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用JWT的ASP.NET核心身份验证:'签名无效' - ASP.NET Core authentication with JWT: 'The signature is invalid' 使用 ASP.NET Core 的 JWT 令牌无效令牌错误 - JWT token invalid token error using ASP.NET Core ASP.NET 核心:创建带有无效日期的 JWT 令牌 - ASP.NET Core : create JWT token with invalid date 使用包含多个 CN 或域名的 SSL 托管 asp.net core + ReactJS web 应用程序导致无效的发行者错误 - Hosting asp.net core + ReactJS web app with SSL containing multiple CN or domain names is causing invalid issuer error asp.net核心中的JWT身份验证 - JWT Authentication validation in asp.net core ASP.NET Core 和 JWT 令牌生命周期 - ASP.NET Core and JWT token lifetime ASP.NET 核心 3+ JWT 认证 - ASP.NET Core 3+ JWT authentication ASP.NET 核心登录JWT - ASP.NET Core Sign In with JWT ASP.NET Core:具有范围的JWT令牌 - ASP.NET Core: JWT token with Scopes SwaggerUI中对Asp.net Core的JWT支持吗? - JWT support in SwaggerUI for Asp.net Core?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM