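I have a client-side application in React that authenticates correctly using Auth0; the access token it receives is valid and contains the appropriate audience (I verified the token on jwt.io using the Auth0 certificate). The server logs a token-validated event, followed by the message `AuthenticationScheme: Bearer was challenged.`, and shortly afterwards returns a 401. The server is also correctly configured with the appropriate domain and audience. The HTTP request contains an Authorization header with the Bearer scheme.
Decoded JWT payload (with some substitutions):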
{
  "iss": "https://work.eu.auth0.com/",
  "sub": "google-oauth2|XXXX",
  "aud": [
    "https://my-api.com",
    "https://work.eu.auth0.com/userinfo"
  ],
  "iat": 1507787600,
  "exp": 1507794800,
  "azp": "iqb4QobWGTA6Xmo3Ys8sIVCK1T5aPsdr",
  "scope": "openid profile my-api"
}
Server log for the request:
      => RequestId:0HL8GQM6G7E9T:00000001 RequestPath:/api/1.0/things => my-app.things.Controller.Get (Web)
      Authorization failed for user: (null).
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:Information: Authorization failed for user: (null).
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
      => RequestId:0HL8GQM6G7E9T:00000001 RequestPath:/api/1.0/things => my-app.things.Controller.Get (Web)
      Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
      => RequestId:0HL8GQM6G7E9T:00000001 RequestPath:/api/1.0/things => my-app.things.Controller.Get (Web)
      Executing ChallengeResult with authentication schemes ().
Microsoft.AspNetCore.Mvc.ChallengeResult:Information: Executing ChallengeResult with authentication schemes ().
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[2]
      => RequestId:0HL8GQM6G7E9T:00000001 RequestPath:/api/1.0/things => my-app.things.Controller.Get (Web)
      Successfully validated the token.
Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler:Information: Successfully validated the token.
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[12]
      => RequestId:0HL8GQM6G7E9T:00000001 RequestPath:/api/1.0/things => my-app.things.Controller.Get (Web)
      AuthenticationScheme: Bearer was challenged.
Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler:Information: AuthenticationScheme: Bearer was challenged.
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
      => RequestId:0HL8GQM6G7E9T:00000001 RequestPath:/api/1.0/things => my-app.things.Controller.Get (Web)
      Executed action my-app.things.Controller.Get (Web) in 23.2551ms
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Executed action my-app.things.Controller.Get (Web) in 23.2551ms
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
      => RequestId:0HL8GQM6G7E9T:00000001 RequestPath:/api/1.0/things
      Request finished in 31.3853ms 401
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 31.3853ms 401
The thread 4456 has exited with code 0 (0x0).
The authentication middleware must be set up before MVC.
app.UseAuthentication(); // register authentication first
app.UseMvc();
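
A fuller picture of the ordering described in the answer, as an added example that is not code from the original question or answer: an ASP.NET Core 2.x `Startup` class with the JWT bearer scheme registered and the authentication middleware placed ahead of MVC. The `Authority` and `Audience` values are assumptions taken from the `iss` and `aud` claims of the token in the question; the class layout is illustrative. In the log above, "Authorization failed for user: (null)" is written before "Successfully validated the token", which is the symptom this ordering removes.

```csharp
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddAuthentication(options =>
        {
            // Use the JWT bearer handler both to authenticate requests
            // and to issue the 401 challenge.
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(options =>
        {
            // Assumed values: the "iss" claim and the API entry of the
            // "aud" claim from the decoded token in the question.
            options.Authority = "https://work.eu.auth0.com/";
            options.Audience = "https://my-api.com";
        });

        services.AddMvc();
    }

    public void Configure(IApplicationBuilder app)
    {
        // Middleware runs in registration order. UseAuthentication must come
        // first so the bearer token is validated and HttpContext.User is
        // populated before MVC's AuthorizeFilter evaluates the request.
        app.UseAuthentication();

        // If UseMvc is registered before UseAuthentication, the filter sees
        // an anonymous user and the request ends in a 401 challenge even
        // though the token itself is valid.
        app.UseMvc();
    }
}
```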