zoukankan      html  css  js  c++  java

  • .Net5 Swagger开启JWT认证

    1、修改Startup.cs文件

    2、中间件件注

      app.UseAuthorization();

    4、效果

     

     5、代码如下:

     1  public void ConfigureServices(IServiceCollection services)
 2         {
 3             services.AddControllers().AddControllersAsServices();
 4             services.AddSwaggerGen(c =>
 5             {
 6                 c.SwaggerDoc("v1", new OpenApiInfo { Title = "LTT.API", Version = "v1" });
 7 
 8                 //Locate the XML file being generated by ASP.NET...
 9                 var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.XML";
10                 var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
11                 //... and tell Swagger to use those XML comments.
12                 c.IncludeXmlComments(xmlPath);
13 
14                 #region Swagger开启Jwt认证
15                 //开启权限小锁
16                 c.OperationFilter<AddResponseHeadersFilter>();
17                 c.OperationFilter<AppendAuthorizeToSummaryOperationFilter>();
18 
19                 //在header中添加token,传递到后台
20                 c.OperationFilter<SecurityRequirementsOperationFilter>();
21                 c.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
22                 {
23                     Description = "JWT授权(数据将在请求头中进行传递)直接在下面框中输入Bearer {token}(注意两者之间是一个空格) "",
24                     Name = "Authorization",//jwt默认的参数名称
25                     In = ParameterLocation.Header,//jwt默认存放Authorization信息的位置(请求头中)
26                     Type = SecuritySchemeType.ApiKey
27                 });
28                 #endregion
29             });
30 
31             //JWT认证
32             services.AddAuthentication(options =>
33             {
34                 options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
35                 options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
36                 options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
37             }).AddJwtBearer(options =>
38             {
39                 options.SaveToken = true;
40                 options.RequireHttpsMetadata = false;
41                 options.TokenValidationParameters = new TokenValidationParameters()
42                 {
43                     ValidateIssuer = true,
44                     ValidateAudience = true,
45                     ValidAudience = "https://www.cnblogs.com/chengtian",
46                     ValidIssuer = "https://www.cnblogs.com/chengtian",
47                     IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("SecureKeySecureKeySecureKeySecureKeySecureKeySecureKey"))
48                 };
49             });
50         }
    View Code

      对了,授权和认证的注入顺序一定不要错了!!!一定是先认证再授权!相当于先知道你是谁然后再确定你有什么权利!

    感谢:

    https://www.cnblogs.com/shuaichao/p/12376870.html

    https://www.cnblogs.com/laozhang-is-phi/p/9511869.html
  • 相关阅读:
    百度高级搜索技巧
    JRebel插件使用详解
    css3自适应布局单位vw,vh详解
    vue的MVVM原理
    JS实现全屏和退出全屏
    设置不定宽高的元素垂直水平居中
    微信小程序启动更新机制
    了解MVVM原理
    xss攻击和csrf攻击的定义及区别
    跨站脚本漏洞(XSS)基础讲解
  • 原文地址:https://www.cnblogs.com/PrintY/p/14312439.html
Copyright © 2011-2022 走看看