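Auth0 authorization for an ASP.NET Core API
Problem description:
I started building an angular2 + asp.net core application and began implementing Auth0. I created the client application and a user.
Here are the client application settings, with the URL provided for the Api:
User login works fine:
Now I have an API with this controller: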
    [Route("api")]
    public class PingController : Controller
    {
        [Authorize]
        [HttpGet]
        [Route("ping/secure")]
        public string PingSecured()
        {
            return "All good. You only get this message if you are authenticated.";
        }
    }
And in startup.cs I tried to implement it like this:
    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
    {
        loggerFactory.AddConsole(Configuration.GetSection("Logging"));
        loggerFactory.AddDebug();
        var options = new JwtBearerOptions
        {
            Audience = "uUdThU122xYPugR8gLoNTr3HdJ6sWvQV",
            Authority = "https://dntquitpls.eu.auth0.com/",
        };
        if (env.IsDevelopment())
        {
            app.UseBrowserLink();
            app.UseDeveloperExceptionPage();
        }
        app.UseJwtBearerAuthentication(options);
        app.UseCors(builder =>
            builder.WithOrigins("http://localhost:61290/").AllowAnyOrigin()
                .AllowAnyHeader()
                .AllowAnyMethod()
        );
        app.UseDefaultFiles();
        app.UseStaticFiles();
        app.UseMvc(routes =>
        {
            routes.MapWebApiRoute("defaultApi",
                "api/{controller}/{id?}");
        });
    }
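And it does not work; I get this:
The Api part was done following the Auth0 Api tutorial. For example, if I create an Api and it has a test Bearer token, that token works with the API. I also configured the Startup.cs file as the Api tutorial describes, but unfortunately the Bearer token from my response does not work.
Please, any ideas why it does not work and why I am not getting authorized?
Answer
Found a solution, and now it works. The problem was in the Startup.cs file, in the options for HS256 encoding that are used for UseJwtBearerAuthentication. The solution: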
    var keyAsBytes = Encoding.ASCII.GetBytes("CLIENT_SECRET");
    var options = new JwtBearerOptions
    {
        TokenValidationParameters =
        {
            ValidIssuer = "https://dntquitpls.eu.auth0.com/",
            ValidAudience = "uUdThU122xYPugR8gLoNTr3HdJ6sWvQV",
            IssuerSigningKey = new SymmetricSecurityKey(keyAsBytes)
        }
    };
    app.UseJwtBearerAuthentication(options);
Source:
http://www.jerriepelser.com/blog/using-roles-with-the-jwt-middleware/
If you want to use RS256 encoding, use this:
    var certificationData = Configuration["auth0:certificate"];
    var certificate = new X509Certificate2(Convert.FromBase64String(certificationData));
    var options = new JwtBearerOptions()
    {
        Audience = Configuration["auth0:clientId"],
        Authority = Configuration["auth0:authority"],
        AutomaticChallenge = true,
        AutomaticAuthenticate = true,
        TokenValidationParameters = {
            ValidIssuer = Configuration["auth0:authority"],
            ValidAudience = Configuration["auth0:clientId"],
            IssuerSigningKey = new X509SecurityKey(certificate)
        }
    };
    app.UseJwtBearerAuthentication(options);
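
The following is an added example, not part of the original question or answer and not Auth0 or ASP.NET code: a stand-alone C# check that reports why an API configured for HS256 would accept or reject a given token (algorithm in the header, HMAC signature, issuer, audience, expiry). The class name `Hs256Check`, the secret, issuer and audience are constructed placeholders, and it assumes a current .NET SDK with System.Text.Json.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

public static class Hs256Check
{
    static byte[] FromBase64Url(string s) => Convert.FromBase64String(
        s.Replace('-', '+').Replace('_', '/').PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    static string ToBase64Url(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static JsonElement Json(string segment) =>
        JsonSerializer.Deserialize<JsonElement>(Encoding.UTF8.GetString(FromBase64Url(segment)));

    // Returns "ok", or the reason the token is rejected.
    public static string Validate(string jwt, byte[] key, string issuer, string audience)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3) return "not a compact JWS";
        // Pin the algorithm to the one the API is configured for; the header never chooses it.
        var alg = Json(parts[0]).GetProperty("alg").GetString();
        if (alg != "HS256") return "alg is " + alg + ", API expects HS256";
        using var hmac = new HMACSHA256(key);
        var expected = hmac.ComputeHash(Encoding.ASCII.GetBytes(parts[0] + "." + parts[1]));
        if (!CryptographicOperations.FixedTimeEquals(expected, FromBase64Url(parts[2])))
            return "signature mismatch (wrong secret?)";
        var claims = Json(parts[1]);
        if (claims.GetProperty("iss").GetString() != issuer) return "wrong issuer";
        // Assumption: aud is a single string (it may also be an array in other tokens).
        if (claims.GetProperty("aud").GetString() != audience) return "wrong audience";
        if (DateTimeOffset.FromUnixTimeSeconds(claims.GetProperty("exp").GetInt64()) < DateTimeOffset.UtcNow)
            return "expired";
        return "ok";
    }

    public static void Main()
    {
        // Constructed sample values, not taken from the page.
        var key = Encoding.ASCII.GetBytes("constructed-demo-secret");
        string Seg(string json) => ToBase64Url(Encoding.UTF8.GetBytes(json));
        var exp = DateTimeOffset.UtcNow.AddMinutes(5).ToUnixTimeSeconds();
        var input = Seg("{\"alg\":\"HS256\",\"typ\":\"JWT\"}") + "." +
            Seg("{\"iss\":\"https://tenant.example/\",\"aud\":\"demo-client-id\",\"exp\":" + exp + "}");
        using var hmac = new HMACSHA256(key);
        var token = input + "." + ToBase64Url(hmac.ComputeHash(Encoding.ASCII.GetBytes(input)));
        Console.WriteLine(Validate(token, key, "https://tenant.example/", "demo-client-id"));
        Console.WriteLine(Validate(token, Encoding.ASCII.GetBytes("other"), "https://tenant.example/", "demo-client-id"));
    }
}
```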