經過身份驗證的用戶在 web api owin 中間件中丟失
[英]Authenticated user is lost in web api owin middleware
問題描述
我正在使用Jwt Bearer Aurhentication owin middleware和Jwt Bearer Aurhentication以及Autofac來幫助我的Webapi處理請求。
JwtBearerAuthentication中間件工作正常並將HttpContext.Current.User.Identity.IsAuthenticated設置為true並持續到管道到達webapi middleware ,在我的webapi身份驗證用戶丟失
中間件的順序如下:
public void Configuration(IAppBuilder app)
{
var config = new HttpConfiguration();
WebApiConfig.Register(config);
#region Autofac config
var container = AutofacWebapiConfig.Initialize(GlobalConfiguration.Configuration);
config.DependencyResolver = new AutofacWebApiDependencyResolver(container);
#endregion
#region RoutConfig
RouteConfig.RegisterRoutes(RouteTable.Routes);
#endregion
//Register middlewares
app.UseAutofacMiddleware(container);
app.UseAutofacWebApi(config);
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
app.UseJwtBearerAuthentication(new MyJwtAuthenticationOptions());
app.Use<RedirectUnAuthenticateRequestsMiddleware>();
app.Use<ReadBodyMiddleware>();
app.UseWebApi(config); //in this middleware authenticated user is lost
}
這是我的 WebApiConfig 類:
public static void Register(HttpConfiguration config)
{
// Owin auth
config.SuppressDefaultHostAuthentication();
config.Filters.Add(new HostAuthenticationFilter("Signature"));
GlobalConfiguration.Configuration.IncludeErrorDetailPolicy =
IncludeErrorDetailPolicy.Always;
// Web API routes
config.EnableCors(new EnableCorsAttribute("*", "*", "*"));
config.MapHttpAttributeRoutes();
config.Services.Insert(typeof(ModelBinderProvider), 0,
new SimpleModelBinderProvider(typeof(DocumentModel), new FromFormDataBinding()));
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "{controller}/{action}/{id}",
defaults: new { id = RouteParameter.Optional }
);
}
}
你有什么想法嗎?
Update:
在身份驗證中間件之后的我的IsAuthenticated中間件中, IsAuthenticated設置為 true
public override async Task Invoke(IOwinContext context)
{
var isAuth=context.Request.User.Identity.IsAuthenticated;//It is true as expected.
await Next.Invoke(context);
return;
}
但是當它到達我的控制器時
HttpContext.Current.User.Identity.IsAuthenticated;//It is false.
1 個解決方案
解決方案1
0 已采納 2021-07-01 07:07:31
問題來自WebApiConfig類中的這一行;
config.SuppressDefaultHostAuthentication();
當我發表評論時,問題消失了,經過身份驗證的用戶仍然存在於 webapi 中。
如何使用OWIN中間件在Web Api中實現OAuth2 Authorization_Code流?
[英]How do I implement an OAuth2 Authorization_Code Flow in Web Api using OWIN Middleware?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.