![](/img/trans.png)
[英]ASP.NET Core authentication with JWT: 'The signature is invalid'
[英]JWT Issuer Invalid Asp.Net Core
我的 JWT 沒有得到驗證,因為頒發者聲明失敗了,我不知道為什么創建令牌看起來像這樣:
var key = Encoding.UTF8.GetBytes(_config["JWT:Secret"]);
var signingCredentials = new SigningCredentials(
new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature);
var token = new JwtSecurityToken(
issuer: _config["JWT:Issuer"],
claims: claims,
notBefore: DateTime.Now,
expires: DateTime.Now.AddMinutes(20),
signingCredentials: signingCredentials
);
在我的 Startup.cs 文件中,我驗證令牌如下:
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
{
options.IncludeErrorDetails = true;
options.RequireHttpsMetadata = false;
options.ClaimsIssuer = Configuration["JWT:Issuer"];
options.TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(Configuration["JWT:Secret"])),
// works when set to false
ValidateIssuer = true,
ValidateAudience = false,
ValidateLifetime = true
};
});
那么為什么我會收到此錯誤:
Bearer error="invalid_token", error_description="頒發者'LoggerApp'無效"
注意:_config 和 Configuration 是相同的依賴
你應該設置ValidIssuer
財產TokenValidationParameters
以確保發行人確認工作:
ValidateIssuer = true,
ValidIssuer = Configuration["JWT:Issuer"],
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.