1
我能够成功检索令牌,但在尝试使用令牌进行身份验证时,我总是收到Authorization has been denied for this request消息。总是得到“授权已拒绝此请求。”消息
我Startup.cs文件包含以下方法
public void Configuration(IAppBuilder app)
{
var config = new HttpConfiguration();
WebApiConfig.Register(config);
app.UseWebApi(config);
ConfigureOAuth(app);
var jsonFormatter = config.Formatters.OfType<JsonMediaTypeFormatter().First();
jsonFormatter.SerializerSettings
.ContractResolver = new CamelCasePropertyNamesContractResolver();
}
private void ConfigureOAuth(IAppBuilder app)
{
var oAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/Token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = new DefaultAuthorizationServerProvider()
};
app.UseOAuthAuthorizationServer(oAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
的DefaultAuthorizationServerProvider.cs类包含下列
public class DefaultAuthorizationServerProvider : OAuthAuthorizationServerProvider
{
public override async Task ValidateClientAuthentication
(
OAuthValidateClientAuthenticationContext context
)
{
context.Validated();
}
public override async Task GrantResourceOwnerCredentials
(
OAuthGrantResourceOwnerCredentialsContext context
)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
var identityManager = new IdentityManager();
var identity = identityManager.Get(context.UserName, context.Password,
new IpAddressProvider().Provide(IpAddressType.Forwarding));
if (identity == null)
{
context.SetError("invalid_grant", "Authentication failed. Please make sure you provided the correct username and password.");
}
else
{
identity.AddClaim(new Claim(ClaimTypes.Role, "User"));
context.Validated(identity);
}
}
}
而且IdentityManager.cs类有以下
public class IdentityManager : IIdentityManager
{
public virtual ClaimsIdentity Get
(
string username,
string password,
string ipAddress
)
{
var authenticateUserWorkflowOutput = new AuthenticateUserWorkflowHelper().Execute
(
new AuthenticateUserWorkflowInput
{
Username = username,
Password = password,
IpAddress = ipAddress
},
new AuthenticateUserWorkflowState()
);
if (authenticateUserWorkflowOutput.Message.Exception != null)
{
return null;
}
if (!authenticateUserWorkflowOutput.Authenticated)
{
return null;
}
return authenticateUserWorkflowOutput.User != null ? new Infrastructure.Identity(new[]
{
new Claim(ClaimTypes.Name, authenticateUserWorkflowOutput.MasterUser.EmailAddress),
}, "ApplicationCookie") : null;
}
}
使用招我可以成功取回令牌
但是当我尝试使用令牌,我得到如下回应
