我有一个webapi,我需要身份验证,我在V1中使用AAD执行此操作。使用Azure Active Directory进行netcore2身份验证:“签名无效”
我都集,与邮递员我可以得到一个令牌,但是,每当我试图做一个请求到API,它给我的错误401:
承载错误=“INVALID_TOKEN” ERROR_DESCRIPTION = “签名是无效”
这是ConfigurationServices的代码:
services.AddAuthentication(sharedOptions =>
{
sharedOptions.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddAzureAdBearer(options => Configuration.Bind("AzureAd", options));
这是天蓝色认证生成的类:
public static AuthenticationBuilder AddAzureAdBearer(this AuthenticationBuilder builder)
=> builder.AddAzureAdBearer(_ => { });
public static AuthenticationBuilder AddAzureAdBearer(this AuthenticationBuilder builder, Action<AzureAdOptions> configureOptions)
{
builder.Services.Configure(configureOptions);
builder.Services.AddSingleton<IConfigureOptions<JwtBearerOptions>, ConfigureAzureOptions>();
builder.AddJwtBearer();
return builder;
}
private class ConfigureAzureOptions: IConfigureNamedOptions<JwtBearerOptions>
{
private readonly AzureAdOptions _azureOptions;
public ConfigureAzureOptions(IOptions<AzureAdOptions> azureOptions)
{
_azureOptions = azureOptions.Value;
}
public void Configure(string name, JwtBearerOptions options)
{
options.Audience = _azureOptions.ClientId;
options.Authority = $"{_azureOptions.Instance}{_azureOptions.TenantId}";
}
public void Configure(JwtBearerOptions options)
{
Configure(Options.DefaultName, options);
}
}
这里缺少什么?可以请帮忙吗?
谢谢
送你如何发送承载令牌,令牌?应该有一个头'授权持有人<你的代币到这里>'。也可以看看[这个答案](https://stackoverflow.com/a/45833632/2869344),看看它是否可以帮助你使用API配置。 – pcdev
是的,我有头... – HLourenco