zoukankan      html  css  js  c++  java
  • .net core 集成jwtBearer认证后,服务器接收时修改request header中Authorization这个key的名称

    由于客户服务器拦截了request header中的Authorization参数,导致无法正常授权访问。

    找了半天目前只有这种方法可以变相解决

    AddJwtBearer->OnMessageReceived方法中做简单修改,就可以接收到前台传递的Authorization2这个key了

    public static void Configure(IServiceCollection services, IConfiguration configuration)
            {
                if (bool.Parse(configuration["Authentication:JwtBearer:IsEnabled"]))
                {
                    services.AddAuthentication(options =>
                    {
                        options.DefaultAuthenticateScheme = "JwtBearer";
                        options.DefaultChallengeScheme = "JwtBearer";
                    }).AddJwtBearer("JwtBearer", options =>
                    {
                        options.Audience = configuration["Authentication:JwtBearer:Audience"];
    
                        options.TokenValidationParameters = new TokenValidationParameters
                        {
                            // The signing key must match!
                            ValidateIssuerSigningKey = true,
                            IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(configuration["Authentication:JwtBearer:SecurityKey"])),
    
                            // Validate the JWT Issuer (iss) claim
                            ValidateIssuer = true,
                            ValidIssuer = configuration["Authentication:JwtBearer:Issuer"],
    
                            // Validate the JWT Audience (aud) claim
                            ValidateAudience = true,
                            ValidAudience = configuration["Authentication:JwtBearer:Audience"],
    
                            // Validate the token expiry
                            ValidateLifetime = true,
    
                            // If you want to allow a certain amount of clock drift, set that here
                            ClockSkew = TimeSpan.Zero,
                        };
    
                        options.Events = new JwtBearerEvents
                        {
                            OnMessageReceived = context =>
                            {
                                var authorizationIsHave = context.Request.Headers.TryGetValue("Authorization", out _);
                                if (authorizationIsHave)
                                {
                                    return Task.CompletedTask;
                                }
                                var authorization2IsHave = context.Request.Headers.TryGetValue("Authorization2", out var token);
                                if (authorization2IsHave)
                                {
                                    context.Request.Headers.Add("Authorization", token);
                                }
                                return Task.CompletedTask;
                            }
                        };
                    });
                }
            }
  • 相关阅读:
    nginx缓存
    java 常用命令工具
    shell流程控制--循环语句
    Python 文档 涉及词汇
    python 学习网站
    python web入门程序
    编译安装 Python3.6.1
    正则表达式与grep
    编译安装 Nginx1.12.1
    查看进程号
  • 原文地址:https://www.cnblogs.com/feigao/p/14120582.html
Copyright © 2011-2022 走看看