在ASP.NET Core Web API中,JWT身份验证可能不起作用的原因有很多,下面是一些常见的解决方法:
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = Configuration["Jwt:Issuer"],
ValidAudience = Configuration["Jwt:Audience"],
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:SecretKey"]))
};
});
[Authorize]
[ApiController]
[Route("api/[controller]")]
public class MyController : ControllerBase
{
// ...
}
var token = new JwtSecurityToken(
issuer: Configuration["Jwt:Issuer"],
audience: Configuration["Jwt:Audience"],
claims: claims,
expires: DateTime.UtcNow.AddMinutes(30),
signingCredentials: new SigningCredentials(
new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:SecretKey"])),
SecurityAlgorithms.HmacSha256)
);
GET /api/myendpoint HTTP/1.1
Host: localhost:5000
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
希望以上解决方法能帮助您解决ASP.NET Core Web API中JWT身份验证不起作用的问题。