堆栈内存溢出
  繁体   English   中英

如何在 ASP.NET CORE 中将 Bearer token 添加到请求中

[英]How to add Bearer token to a request in ASP.NET CORE

 原文  2022-03-05 16:50:47       c#/ api/ asp.net-core/ model-view-controller/ bearer-token

问题描述

我有一个由 Bearer 令牌保护的 API,将在 mvc 项目中使用。 我正在使用ClientFactory在 mvc 中调用 API。 我从WeatherForecast [HttpGet]方法获取生成的令牌,并使用它来访问 Authorized PlayerController方法。 它在 Postman 中运行良好,但是当我尝试在 mvc 中访问PlayerController时,在运行调试器时它显示未经授权的响应!

这是在 mvc 项目中获取和使用生成的令牌的操作

        private async Task<JWTToken> CreateToken()
        {
            var request = new HttpRequestMessage(HttpMethod.Get, "http://localhost:42045/weatherforecast");
            var client = _clientFactory.CreateClient();
            HttpResponseMessage response = await client.SendAsync(request);
            var token = await response.Content.ReadAsStringAsync();
            HttpContext.Session.SetString("JwToken", token);
            return JsonConvert.DeserializeObject<JWTToken>(token);

        }
        public async Task<IActionResult> GetAllPlayers()
        {
            JWTToken token = null;
            var strToken = HttpContext.Session.GetString("JwToken");
            if (string.IsNullOrWhiteSpace(strToken))
            {
                token = await CreateToken();
            }
            else
            {
                token = JsonConvert.DeserializeObject<JWTToken>(strToken);
            }
            if (token == null || string.IsNullOrWhiteSpace(token.token) || token.expireAt <= DateTime.UtcNow)
            {
                token = await CreateToken();
            }
            List<Player> players = new List<Player>();
            var request = new HttpRequestMessage(HttpMethod.Get, "http://localhost:42045/api/player");
            var client = _clientFactory.CreateClient();
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token.token);
            HttpResponseMessage response = await client.SendAsync(request, HttpCompletionOption.ResponseHeadersRead);
            if (response.StatusCode == System.Net.HttpStatusCode.OK)
            {
                var apiString = await response.Content.ReadAsStringAsync();
                players = JsonConvert.DeserializeObject<List<Player>>(apiString);

            }
            return View(players);
        }

这是WeatherForecast controller 中的CreateToken方法

[HttpGet]
    

public ActionResult<string> Get()
    {
        var rng = new Random();
        var weathers = Enumerable.Range(1, 5).Select(index => new WeatherForecast
        {
            Date = DateTime.Now.AddDays(index),
            TemperatureC = rng.Next(-20, 55),
            Summary = Summaries[rng.Next(Summaries.Length)]
        });
        return Ok(new {
            expireAt = DateTime.UtcNow.AddMinutes(15), token = CreateToken()
        });
    }
    public string CreateToken()
    {
        var key = new SymmetricSecurityKey(System.Text.Encoding.ASCII.GetBytes(_configuration
            .GetSection("AppSettings:Token").Value));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature);
        var token = new JwtSecurityToken(
            claims: new List<Claim>
            {
                new Claim("firstName", "Ahmad"),
                new Claim("lastName", "Zooghii")
            },
            signingCredentials: creds,
            expires: DateTime.UtcNow.AddMinutes(15)
            );
        return new JwtSecurityTokenHandler().WriteToken(token);
    }

1 个解决方案

解决方案1
 1  2022-03-07 10:02:51

添加services.AddHttpClient(); 在 startup.cs

而这段代码在 controller 中:

private readonly IHttpClientFactory _httpClientFactory;

public HomeController(IHttpClientFactory httpClientFactory)
{
    _httpClientFactory = httpClientFactory;
}

public async Task<IActionResult> IndexAsync()
{
    var httpClient = _httpClientFactory.CreateClient();
    var token = "your_token";
    httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
    HttpResponseMessage response = await httpClient.GetAsync("your_url");
    return View();
}

在此处输入图像描述

======================Cors 政策========================

在 startup.cs -> ConfigureServices方法中添加以下代码

services.AddCors(options =>
{
    options.AddPolicy(name: "mypolicy",
                      builder =>
                      {
                          builder.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin();
                      });
});

添加app.UseCors("mypolicy"); 在 startup.cs -> Configure app.UseRouting(); 线。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Asp.Net Core 2 验证不记名令牌 ASP.NET Core 中的承载令牌身份验证 如何在 Asp.Net Core 6 中向类型化的 HttpClient 添加不记名令牌身份验证 ASP.NET Core中如何添加token请求header 在 Asp.Net Core 中使用 Swagger 未在请求中发送授权承载令牌 ASP.Net Core 3.0 JWT Bearer Token 没有可用的 SecurityTokenValidator 不记名令牌出现 401 错误 - asp.net 核心 3.1 ASP.NET Core 6 JWT 不记名令牌异常 ASP.NET 核心6:Swagger不发送/识别不记名令牌 ASP.NET Core 3.1 不授权不记名令牌
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM