在一个 web api 中同时使用 windows 身份验证和不记名令牌
[英]Use both windows authentication and bearer tokens in one web api
问题描述
I am trying to build a web api in .NET core 3.1 which first tries to get a bearer token through windows authentication and then uses this token to autenticate further requests. 
I am trying to build a web api in .NET core 3.1 which first tries to get a bearer token through windows authentication and then uses this token to autenticate further requests.
It seems that it is not allowed to use both windows authentication and bearer in a single web api.似乎不允许在单个 web api 中同时使用 windows 身份验证和承载。 I want to have to controllers for which one uses windows authentication and another uses bearer authentication.我想拥有一个使用 windows 身份验证和另一个使用承载身份验证的控制器。 This is my controller method:这是我的 controller 方法:
[HttpGet]
[Route("api/token")]
[Authorize(AuthenticationSchemes = "Windows")]
public async Task<IActionResult> AuthorizeAsync(CancellationToken cancellationToken)
{
// Do something
}
this is for my bearer auth-scheme:这是我的不记名身份验证方案:
_services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
options.RequireHttpsMetadata = false;
options.SaveToken = true;
options.TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuerSigningKey = !string.IsNullOrWhiteSpace(tokenProviderOptions.SigningKey),
IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(tokenProviderOptions.SigningKey)),
ValidateIssuer = !string.IsNullOrWhiteSpace(tokenProviderOptions.Issuer),
ValidIssuer = tokenProviderOptions.Issuer,
ValidateAudience = !string.IsNullOrWhiteSpace(tokenProviderOptions.Audience),
ValidAudience = tokenProviderOptions.Audience,
RequireExpirationTime = true,
ValidateLifetime = !string.IsNullOrWhiteSpace(tokenProviderOptions.TokenLifeTime),
ClockSkew = TimeSpan.FromSeconds(0),
};
});
and in my startup I add windows auth:在我的启动中,我添加了 windows 身份验证:
services.AddAuthentication("Windows").AddNegotiate();
I have read answers that you cannot call AddAuthentication twice since the second call will override the configuration of the first call, but no solution provided in these question.我已经阅读了您不能两次调用AddAuthentication的答案,因为第二次调用将覆盖第一次调用的配置,但这些问题中没有提供解决方案。
So how to mix windows authentication and bearer tokens in one web api?那么如何在一个 web api 中混合 windows 身份验证和不记名令牌?
1 个解决方案
解决方案1
1 2022-01-03 09:29:08
You can add multiple AuthenticationSchemes as it is a comma delimited string property.您可以添加多个 AuthenticationSchemes,因为它是一个逗号分隔的字符串属性。
[Authorize(AuthenticationSchemes = "Windows,Bearer")]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.