stackoom
  简体   繁体   中英

Getting 401 unauthorized ASP.NET CORE 6

 原文  2022-04-30 19:35:46       c#/ asp.net-core/ asp.net-core-webapi

Question

Im implementing role based authentication in ASP.NET CORE 6, and im getting 401 Unauthorized from Postman. i have included the bearer token, i have checked it in jwt.io and it is valid. but it still shows up 401 unauthorized. here is my startup.cs file

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration.GetSection("AppSettings:Token").Value)),
            ValidateIssuer = false,
            ValidateAudience = false
        };
    });
builder.Services.AddControllersWithViews();
builder.Services.AddRazorPages();

var app = builder.Build();

// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
    app.UseWebAssemblyDebugging();
}
else
{
    app.UseExceptionHandler("/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();

app.UseBlazorFrameworkFiles();
app.UseStaticFiles();

app.MapRazorPages();

app.UseAuthentication();
app.UseRouting();
app.UseAuthorization();

app.MapControllers();
app.MapFallbackToFile("index.html");

app.Run();

and here is a controller method

[HttpGet("onlinedrivers"), Authorize]

public async Task<ActionResult> GetOnlineDrivers()
{
    var result = await _driverServices.GetOnlineDrivers();
    return Ok(result);
}

i included the jwt bearer token as follows包括代币

i dont know what im doing wrong

2 answers

solution1
 1  2022-11-19 16:16:52

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration.GetSection("AppSettings:Token").Value)),
                ValidateIssuer = false,
                ValidateAudience = false,
                ValidateLifetime = false // you dont want to validate lifetime 
            };
        });

solution2
 0 ACCPTED  2022-04-30 20:08:21

It it fixed, found out i had commented out the token expiration date when i was creating it. i checked the log thanks to gunr2171 and it said

Bearer error="invalid_token", error_description="The token has no expiration"

so when i added the expiration date, it worked.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SignalR in ASP.Net Core 401 Unauthorized Why I'm getting a 401 unauthorized working with JWT in Asp.Net CORE? ASP.NET CORE REST API (401 Unauthorized) ASP.NET Core Jwt 401 Unauthorized. Policy auth ASP.NET, 401 - Unauthorized, Valid account ASP.NET Core 3.1 how to return 401 Unauthorized instead of Challenge with Azure AD B2C 401 Unauthorized with IdentityServer3 In ASP.Net Core 1.1 MVC Application How to make ASP.Net Core Web API Identity return a 401 on unauthorized Authorization in ASP.NET Core. Always 401 Unauthorized for [Authorize] attribute I have a 401 Unauthorized in Angular even when login whit ASP.NET CORE
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM