Azure AD 带有用于 Web API 的不记名令牌身份验证的 AD 无法正常工作,抛出错误,因为“此请求的授权已被拒绝”。
[英]Azure AD with Bearer token authentication for Web API not working throwing error as “Authorization has been denied for this request.”
问题描述
A noob question on the way.
路上的菜鸟问题。
I have developed Azure Ad authentication for a Web APi using the example from Git site [https://github.com/Azure-Samples/ms-identity-aspnet-webapi-onbehalfof/tree/master/TodoListService] I have been facing an issue with Azure Ad authentication. I have developed Azure Ad authentication for a Web APi using the example from Git site [https://github.com/Azure-Samples/ms-identity-aspnet-webapi-onbehalfof/tree/master/TodoListService] I have been facing an Azure 广告身份验证问题。 Please find the code below.请在下面找到代码。
Action method from Controller1 class.来自 Controller1 class 的操作方法。
[RoutePrefix("api/hospitals")]
public class HospitalsController : ApiController
{
[Route("GetAll")]
[HttpGet]
[PmAuthorize(Constants.Roles.Admin,Constants.Roles.Doctor)]
public async Task<IEnumerable<hospitals>> GetAll()
{
//return data;....
}
}
My startup.auth.cs file我的 startup.auth.cs 文件
public partial class Startup
{
string clientId = System.Configuration.ConfigurationManager.AppSettings["ClientId"];
string redirectUri = System.Configuration.ConfigurationManager.AppSettings["RedirectUri"];
static string tenant = System.Configuration.ConfigurationManager.AppSettings["Tenant"];
string authority = String.Format(System.Globalization.CultureInfo.InvariantCulture, System.Configuration.ConfigurationManager.AppSettings["Authority"], tenant);
public void ConfigureAuth(IAppBuilder app)
{
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Tenant = tenant,
TokenValidationParameters = new TokenValidationParameters { SaveSigninToken = true, ValidAudience = "clientid" }
});
}
}
WebApiConfig.cs WebApiConfig.cs
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
);
config.Filters.Add(new ExceptionHandlingAttribute());
}
}
When ever i am calling a action method/api method call from hospital controller by passing token getting the error as "Authorization has been denied for this request."每当我通过传递令牌来从医院 controller 调用操作方法/api 方法调用时,都会收到错误为“此请求的授权已被拒绝”。
Can some one help me here?.有人可以在这里帮助我吗?
Please add any comments if any addition info required?如果需要任何附加信息,请添加任何评论?
Thanks in advance.提前致谢。
1 个解决方案
解决方案1
0 已采纳 2020-08-23 09:53:11
It was a blunder mistake from my side.从我这边看,这是一个错误的错误。
I had to add a few lines of code inside the "PmAuthorize" attribute to give roles for the user.我必须在“PmAuthorize”属性中添加几行代码来为用户提供角色。
That gave me answer.这给了我答案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.