![](/img/trans.png)
[英]JWT Bearer Keeps returning 401 Status - Bearer error="invalid_token", error_description="The signature is invalid"
[英]Auth0 api returning 401 www-authenticate: Bearer error="invalid_token" in .net core web api
我将 auth0 与 .net core web api 一起使用,下面是我的配置。
在我的 ConfigureServices() 我有
services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(options => { options.Authority = "https://xxxxxxx.auth0.com/"; options.Audience = "https://localhost:5001"; });
在我的 Configure() 方法中,我有
// 2. Enable authentication middleware app.UseAuthentication(); app.UseMvc();
最后在我的 HomeController.cs
[HttpGet("private")]
[Authorize]
public IActionResult Private()
{
return Ok(new
{
Message = "Hello from a private endpoint! You need to be authenticated to see this."
});
}
当我尝试使用正确的访问令牌,使用邮递员或我的反应应用程序访问端点时,我收到 401 未授权或www-authenticate: Bearer error="invalid_token"
我遵循了示例文档,无法弄清楚我在这里做错了什么。 请指教。
尝试明确指定您使用的方案:
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
代替
[Authorize]
您也可以尝试在 Postman 中使用此策略:
https://learning.getpostman.com/docs/postman/sending_api_requests/authorization/#bearer-token
通过配置令牌验证尝试这种方式
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = "https://xxxxxxx.auth0.com/",
ValidateAudience = true,
ValidAudience = "https://localhost:5001",
ValidateLifetime = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(YourSecretKey)),
ValidateIssuerSigningKey = true
};
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.