[英]Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationMiddleware Warning: 0 : invalid bearer token received
每当用户尝试访问受保护的api端点时,我都会收到此警告。 身份验证工作正常,用户似乎已通过身份验证,但我一直无法弄清为什么此错误持续发生。 我在没有启用https / ssl的localhost开发服务器上运行此程序。 我可能会错过一个不确定的步骤。 我实现了令牌认证以及使用自定义提供程序刷新令牌。 然后实现了用于生成令牌的自定义jwt格式。
这是应用程序输出日志中的警告:
Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationMiddleware警告:0:收到无效的承载令牌
SimpleJWTFormat.cs :这指定jwt令牌的格式
public class SimpleJwtFormat : ISecureDataFormat<AuthenticationTicket>
{
private readonly string _issuer = string.Empty;
public SimpleJwtFormat(string issuer)
{
_issuer = issuer;
}
public string Protect(AuthenticationTicket data)
{
if (data == null)
{
throw new ArgumentNullException("data");
}
string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];
var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
//var signingKey = new HmacSigningCredentials(keyByteArray);
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray);
securityKey.KeyId = ConfigurationManager.AppSettings["as:AudienceId"];
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
var issued = data.Properties.IssuedUtc;
var expires = data.Properties.ExpiresUtc;
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingCredentials);
//token.SigningKey = securityKey;
var handler = new JwtSecurityTokenHandler();
var jwt = handler.WriteToken(token);
return jwt;
}
public AuthenticationTicket Unprotect(string protectedText)
{
string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];
string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
var signingKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray);
var tokenValidationParameters = new TokenValidationParameters
{
ValidAudience = audienceId,
ValidIssuer = _issuer,
IssuerSigningKey = signingKey,
ValidateLifetime = true,
ValidateAudience = true,
ValidateIssuer = true,
RequireSignedTokens = true,
RequireExpirationTime = true,
ValidateIssuerSigningKey = true
};
var handler = new JwtSecurityTokenHandler();
SecurityToken token = null;
// Unpack token
var pt = handler.ReadToken(protectedText);
string t = ((JwtSecurityToken)pt).RawData;
var principal = handler.ValidateToken(t, tokenValidationParameters, out token);
var identity = principal.Identities;
return new AuthenticationTicket(identity.First(), new AuthenticationProperties());
}
}
问题是我没有在Startup.cs文件中调用app.UseOAuthBearerAuthentication并指定自定义令牌格式。
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
{
AccessTokenFormat = _tokenFormat
});
Microsoft.Owin.Security.Oauth承载令牌授权拦截
[英]Microsoft.Owin.Security.Oauth Bearer Token Authorization Interception
通过asp.net Microsoft.Owin.Security.OAuth获取访问令牌
[英]get access token via asp.net Microsoft.Owin.Security.OAuth
Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerProvider - clientId 和 clientSecret 在尝试从 Postman 生成令牌时出现 null
[英]Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerProvider - clientId and clientSecret coming null while trying to generate token from Postman
ThinkTecture IdentityServer3与Microsoft.Owin.Security.OAuth2
[英]ThinkTecture IdentityServer3 vs Microsoft.Owin.Security.OAuth2
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.