WebApi core 2.2 JWT Token not been Authorized
Question
I was able to generate the token but if I tried to Authorize in my controller it doesn't work.
I create a class JWT but I didn't set the issuer or audience.
private List<Claim> Claim = new List<Claim>();
public string GetUserToken(string tp,string id)
{
var sck = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT")));
var sc = new SigningCredentials(sck, SecurityAlgorithms.HmacSha256Signature);
if(tp == "Host")
{
Claim.Add(new Claim(ClaimTypes.Role, "Host"));
Claim.Add(new Claim(ClaimTypes.Name, id));
}
else
{
Claim.Add(new Claim(ClaimTypes.Role, "Client"));
Claim.Add(new Claim(ClaimTypes.Name, id));
}
var token = new JwtSecurityToken(
expires: DateTime.Now.AddDays(30),
signingCredentials: sc,
claims: Claim
);
return new JwtSecurityTokenHandler().WriteToken(token);
}
and Inside of Startup class :
public void ConfigureServices(IServiceCollection services)
{
var SymmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT")));
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).
AddJwtBearer(options => {
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = SymmetricSecurityKey
};
});
And in my controller I just put [Authorize(Roles ="Host")] . Even removing the Roles attribute still the same result, 401 Unauthorized
1 answers
solution1
1 ACCPTED 2019-05-13 17:18:06
Check your key and jwt configuration, your startup class should looks something like this:
public void ConfigureServices(IServiceCollection services)
{
services.AddCors();
services.AddMvc()
.SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
//Get the key from configuration file section
var appSettings = Configuration.GetSection("AppSettings").Get<AppSettings>();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
//jwt configuration
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x => {
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false
};
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
//Configuration of cors to allow request of anothers
app.UseCors(x => x
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader());
//Use the authentication service
app.UseAuthentication();
app.UseHttpsRedirection();
app.UseMvc();
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Custom JWT token validation in .NET Core 2.2
AspNet WebApi core JWT token not Authenticating
JWT “self” authentication in Net Core 2.2 MVC WebApi
ASP.NET Core Website to WebApi authentication using JWT token
.NET Core Jwt Token always expired when trying to access Authorized area
C# Jwt Token generation failed asp.net core 2.2
How to transfer a JWT token at each requesto when using Razor (.NET CORE 2.2 MVC)
Authentication based on JWT token bearer fails under .NET Core 2.2 after move from 3.0
How can i login users from a jwt token and set roles .net core 2.2
Asp-Net-Core WebApi Authentication using Azure ActiveDir oAuth2.0 JWT Token Microsoft Graph
Related Tags