2017-01-23 110 views
1

我開始做angular2 + asp.net core申請,開始實施Auth0。我創建了客戶端應用程序和用戶。auth0授權給asp.net核心api

下面是客戶端應用程序設置,以Api提供url

enter image description here

用戶登錄正常工作:

enter image description here

現在我有這個controller的API:

[Route("api")] 
public class PingController : Controller 
{ 
    [Authorize] 
    [HttpGet] 
    [Route("ping/secure")] 
    public string PingSecured() 
    { 
     return "All good. You only get this message if you are authenticated."; 
    } 
} 

而在startup.cs我試圖實現這樣的:

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) 
    { 
     loggerFactory.AddConsole(Configuration.GetSection("Logging")); 
     loggerFactory.AddDebug(); 

     var options = new JwtBearerOptions 
     { 
      Audience = "uUdThU122xYPugR8gLoNTr3HdJ6sWvQV", 
      Authority = "https://dntquitpls.eu.auth0.com/", 

     }; 

     if (env.IsDevelopment()) 
     { 
      app.UseBrowserLink(); 
      app.UseDeveloperExceptionPage(); 
     }; 

     app.UseJwtBearerAuthentication(options); 

     app.UseCors(builder => 
        builder.WithOrigins("http://localhost:61290/").AllowAnyOrigin() 
          .AllowAnyHeader() 
          .AllowAnyMethod() 
        ); 

     app.UseDefaultFiles(); 

     app.UseStaticFiles(); 

     app.UseMvc(routes => 
     { 
      routes.MapWebApiRoute("defaultApi", 
            "api/{controller}/{id?}"); 
     }); 
    } 

而且它不工作,得到這個:

enter image description here

Api部分由Auth0Api教程如果我創建完成,例如一個Api和有一個測試Bearer令牌它與API中的工作,我也配置Startup.cs文件Api,但不幸的是與我的Bearer響應令牌不起作用。

請任何想法,爲什麼它不工作,我沒有得到授權?

回答

4

找到了解決辦法,現在的作品,問題是在Startup.cs文件中選擇HS256編碼,用於UseJwtBearerAuthentication,解決方法:

var keyAsBytes = Encoding.ASCII.GetBytes("CLIENT_SECRET"); 

    var options = new JwtBearerOptions 
    { 
     TokenValidationParameters = 
     { 
      ValidIssuer = "https://dntquitpls.eu.auth0.com/", 
      ValidAudience = "uUdThU122xYPugR8gLoNTr3HdJ6sWvQV", 
      IssuerSigningKey = new SymmetricSecurityKey(keyAsBytes) 
     } 
    }; 
    app.UseJwtBearerAuthentication(options); 

來源:

http://www.jerriepelser.com/blog/using-roles-with-the-jwt-middleware/

如果你想用RS256編碼使用這個:

 var certificationData = Configuration["auth0:certificate"]; 
     var certificate = new X509Certificate2(Convert.FromBase64String(certificationData)); 

     var options = new JwtBearerOptions() 
     { 
      Audience = Configuration["auth0:clientId"], 
      Authority = Configuration["auth0:authority"], 
      AutomaticChallenge = true, 
      AutomaticAuthenticate = true, 

      TokenValidationParameters = { 
       ValidIssuer = Configuration["auth0:authority"], 
       ValidAudience = Configuration["auth0:clientId"], 
       IssuerSigningKey = new X509SecurityKey(certificate) 
      } 
     }; 

     app.UseJwtBearerAuthentication(options);