![](/img/trans.png)
[英]JWT Bearer Keeps returning 401 Status - Bearer error="invalid_token", error_description="The signature is invalid"
[英]Auth0 api returning 401 www-authenticate: Bearer error="invalid_token" in .net core web api
我將 auth0 與 .net core web api 一起使用,下面是我的配置。
在我的 ConfigureServices() 我有
services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(options => { options.Authority = "https://xxxxxxx.auth0.com/"; options.Audience = "https://localhost:5001"; });
在我的 Configure() 方法中,我有
// 2. Enable authentication middleware app.UseAuthentication(); app.UseMvc();
最后在我的 HomeController.cs
[HttpGet("private")]
[Authorize]
public IActionResult Private()
{
return Ok(new
{
Message = "Hello from a private endpoint! You need to be authenticated to see this."
});
}
當我嘗試使用正確的訪問令牌,使用郵遞員或我的反應應用程序訪問端點時,我收到 401 未授權或www-authenticate: Bearer error="invalid_token"
我遵循了示例文檔,無法弄清楚我在這里做錯了什么。 請指教。
嘗試明確指定您使用的方案:
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
代替
[Authorize]
您也可以嘗試在 Postman 中使用此策略:
https://learning.getpostman.com/docs/postman/sending_api_requests/authorization/#bearer-token
通過配置令牌驗證嘗試這種方式
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = "https://xxxxxxx.auth0.com/",
ValidateAudience = true,
ValidAudience = "https://localhost:5001",
ValidateLifetime = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(YourSecretKey)),
ValidateIssuerSigningKey = true
};
});
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.