如何在 ASP.NET CORE 中将 Bearer token 添加到请求中

Question

I have an API secured by Bearer token to be consumed in a mvc project.我有一个由 Bearer 令牌保护的 API，将在 mvc 项目中使用。 I'm using ClientFactory to call the API in mvc.我正在使用ClientFactory在 mvc 中调用 API。 I get the generated token from WeatherForecast [HttpGet] method and use it to to access the Authorized PlayerController methods.我从WeatherForecast [HttpGet]方法获取生成的令牌，并使用它来访问 Authorized PlayerController方法。 It works fine in Postman, But when I try to access PlayerController in mvc, On running a debugger It shows Unauthorized response!它在 Postman 中运行良好，但是当我尝试在 mvc 中访问PlayerController时，在运行调试器时它显示未经授权的响应！

Here is the action to get and use the generated token in mvc project这是在 mvc 项目中获取和使用生成的令牌的操作

        private async Task<JWTToken> CreateToken()
        {
            var request = new HttpRequestMessage(HttpMethod.Get, "http://localhost:42045/weatherforecast");
            var client = _clientFactory.CreateClient();
            HttpResponseMessage response = await client.SendAsync(request);
            var token = await response.Content.ReadAsStringAsync();
            HttpContext.Session.SetString("JwToken", token);
            return JsonConvert.DeserializeObject<JWTToken>(token);

        }
        public async Task<IActionResult> GetAllPlayers()
        {
            JWTToken token = null;
            var strToken = HttpContext.Session.GetString("JwToken");
            if (string.IsNullOrWhiteSpace(strToken))
            {
                token = await CreateToken();
            }
            else
            {
                token = JsonConvert.DeserializeObject<JWTToken>(strToken);
            }
            if (token == null || string.IsNullOrWhiteSpace(token.token) || token.expireAt <= DateTime.UtcNow)
            {
                token = await CreateToken();
            }
            List<Player> players = new List<Player>();
            var request = new HttpRequestMessage(HttpMethod.Get, "http://localhost:42045/api/player");
            var client = _clientFactory.CreateClient();
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token.token);
            HttpResponseMessage response = await client.SendAsync(request, HttpCompletionOption.ResponseHeadersRead);
            if (response.StatusCode == System.Net.HttpStatusCode.OK)
            {
                var apiString = await response.Content.ReadAsStringAsync();
                players = JsonConvert.DeserializeObject<List<Player>>(apiString);

            }
            return View(players);
        }

Here is CreateToken method in WeatherForecast controller这是WeatherForecast controller 中的CreateToken方法

[HttpGet]
    

public ActionResult<string> Get()
    {
        var rng = new Random();
        var weathers = Enumerable.Range(1, 5).Select(index => new WeatherForecast
        {
            Date = DateTime.Now.AddDays(index),
            TemperatureC = rng.Next(-20, 55),
            Summary = Summaries[rng.Next(Summaries.Length)]
        });
        return Ok(new {
            expireAt = DateTime.UtcNow.AddMinutes(15), token = CreateToken()
        });
    }
    public string CreateToken()
    {
        var key = new SymmetricSecurityKey(System.Text.Encoding.ASCII.GetBytes(_configuration
            .GetSection("AppSettings:Token").Value));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature);
        var token = new JwtSecurityToken(
            claims: new List<Claim>
            {
                new Claim("firstName", "Ahmad"),
                new Claim("lastName", "Zooghii")
            },
            signingCredentials: creds,
            expires: DateTime.UtcNow.AddMinutes(15)
            );
        return new JwtSecurityTokenHandler().WriteToken(token);
    }

Answer 1

add services.AddHttpClient();添加services.AddHttpClient(); in startup.cs在 startup.cs

And this code in controller:而这段代码在 controller 中：

private readonly IHttpClientFactory _httpClientFactory;

public HomeController(IHttpClientFactory httpClientFactory)
{
    _httpClientFactory = httpClientFactory;
}

public async Task<IActionResult> IndexAsync()
{
    var httpClient = _httpClientFactory.CreateClient();
    var token = "your_token";
    httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
    HttpResponseMessage response = await httpClient.GetAsync("your_url");
    return View();
}

======================Cors policy======================== ======================Cors 政策========================

add below code in startup.cs -> ConfigureServices method在 startup.cs -> ConfigureServices方法中添加以下代码

services.AddCors(options =>
{
    options.AddPolicy(name: "mypolicy",
                      builder =>
                      {
                          builder.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin();
                      });
});

add app.UseCors("mypolicy");添加app.UseCors("mypolicy"); in startup.cs -> Configure method behind app.UseRouting();在 startup.cs -> Configure app.UseRouting(); line.线。

如何在 ASP.NET CORE 中将 Bearer token 添加到请求中

问题描述

1 个解决方案

解决方案1
1 2022-03-07 10:02:51

如何在 ASP.NET CORE 中将 Bearer token 添加到请求中

问题描述

1 个解决方案

解决方案1 1 2022-03-07 10:02:51

解决方案1
1 2022-03-07 10:02:51