ASP.NET 核心 Web API：JWT 令牌未设置“HttpContext 用户”

Question

I have a JWT token implementation in my app and I implemented Google login.我的应用程序中有一个 JWT 令牌实现，并且我实现了 Google 登录。 But now, HttpContext.User claims are not set.但是现在，没有设置HttpContext.User声明。

Here is my startup.cs :这是我的startup.cs ：

services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        }).AddGoogle(options =>
        {
            options.ClientId = CLIENT_ID
            options.ClientSecret = SECRET
            options.SaveTokens = true;
        })
        .AddJwtBearer(options =>
          {
              options.SaveToken = true;
              options.RequireHttpsMetadata = false;
              options.TokenValidationParameters = new TokenValidationParameters()
              {
                  ValidateIssuer = true,
                  ValidateAudience = true,
                  ValidAudience = Configuration["JWT:ValidAudience"],
                  ValidIssuer = Configuration["JWT:ValidIssuer"],
                  IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["JWT:Secret"]))
              };

              options.Events = new JwtBearerEvents
              {
                  OnMessageReceived = context =>
                  {
                      context.Token = context.Request.Cookies[CookieAuthenticationDefaults.AuthenticationScheme];
                      context.HttpContext.User = context.Principal;
                      return Task.CompletedTask;
                  },
              };
          }).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme);

And I log in like this:我这样登录：

Microsoft.AspNetCore.Identity.SignInResult result = await _signInManager.PasswordSignInAsync(Email, Password, false, true);

This is how I create the JWT token:这就是我创建 JWT 令牌的方式：

var authClaims = new List<Claim>
                     {
                         new Claim(ClaimTypes.Email, user.UserName),
                         new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                         new Claim(ClaimTypes.Name, user.FirstName)
                     };

var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(["JWT:Secret"]));

var token = new JwtSecurityToken(
                            issuer: ["JWT:ValidIssuer"],
                            audience: ["JWT:ValidAudience"],
                            expires: DateTime.UtcNow.AddHours(1),
                            claims: authClaims,
                            signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256)
                            );

Normally, it sets HttpContext.User and claims and I can check通常，它设置HttpContext.User和声明，我可以检查

var userEmail = HttpContext.User.FindFirst(ClaimTypes.Email).Value

but now, this returns null.但现在，这将返回 null。

Do you have any idea why?你知道为什么吗？

Answer 1

I finally got the solution.我终于得到了解决方案。 I just add await _signInManager.SignInAsync(user, false,"JwtBearer");我只是添加await _signInManager.SignInAsync(user, false,"JwtBearer"); and resolved.并解决了。 Thanks!谢谢！

ASP.NET 核心 Web API：JWT 令牌未设置“HttpContext 用户”

问题描述

1 个解决方案

解决方案1
0 2023-02-01 08:30:45

ASP.NET 核心 Web API：JWT 令牌未设置“HttpContext 用户”

问题描述

1 个解决方案

解决方案1 0 2023-02-01 08:30:45

解决方案1
0 2023-02-01 08:30:45