Azure B2C 和 .net 核心 3.1 认证问题

Question

I am upgrading my .net 2.0 core B2C app to .net 3.1. I have followed this example , but I keep getting a 401 response when trying to access an endpoint with a valid jwt. My app has been registered correctly in Azure B2C as making an authenticated request works against my .net core 2.0 app.

Here's my code in Startup.cs:

        public void ConfigureServices(IServiceCollection services)
        {
            services.AddCors(options =>
            {
                options.AddPolicy(name: MyAllowSpecificOrigins,
                builder =>
                    {
                        builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader();
                    });
            });

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                    .AddMicrosoftIdentityWebApi(options =>
                    {
                        Configuration.Bind("AzureAdB2C", options);
                        options.TokenValidationParameters.NameClaimType = "name";
                    },
            options => { Configuration.Bind("AzureAdB2C", options); });


            services.AddControllers();
            services.AddTransient<IProjectRepo, ProjectRepo>();
            services.AddAuthorization(options =>
            {
                // Create policy to check for the scope 'read'
                options.AddPolicy("ReadScope",
                    policy => policy.Requirements.Add(new ScopesRequirement("read")));
            });
        }

        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }


            app.UseHttpsRedirection();

            app.UseRouting();
            app.UseCors(MyAllowSpecificOrigins);

            app.UseAuthorization();
            app.UseAuthentication();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });
        }

Here's my appSettings.json

  {
    "AzureAdB2C": {
    "Instance": "https://<my-tenant>.b2clogin.com/tfp/",
    "ClientId": "xxxxx-xxx-x-xxxx-xxxxxxxxx",
    "Domain": "<my-tenant>.onmicrosoft.com",
    "TenantId": "yyyyyy-yyyyy-yyyy-yyyyyyyy",
    "SignUpSignInPolicyId": "B2C_1_DefaultSignInSignUp"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*"
}

Here is the authorization tag on my controller

    [ApiController]
    [Authorize]
    [Route("[controller]")]
    public class WeatherForecastController : ControllerBase
    {
    ...

The endpoint I hit is working when auth is turned off, so the problem is not occurring as the controller is initialized or from a bad database connection. Any insight would be appreciated. Also there aren't very many .net core 3.1 b2c web api examples out there so any direction to working sample code would be helpful as well.

Answer 1

So I downloaded the full example, put in my b2c properties and it worked. I tried moving piece by piece the exact code from the example into my working solution, and it didn't work. I remember installing graphql, experimenting with it, and uninstalling it, so maybe the dependencies broke some how. I cleaned the project and rebuilt and that didn't work, but maybe something was installed / uninstalled incorrectly. I created a new project, moved all of my code from my working solutoin over, and it worked.