由于客户服务器拦截了request header中的Authorization参数,导致无法正常授权访问。
找了半天目前只有这种方法可以变相解决
AddJwtBearer->OnMessageReceived方法中做简单修改,就可以接收到前台传递的Authorization2这个key了
public static void Configure(IServiceCollection services, IConfiguration configuration)
{
if (bool.Parse(configuration["Authentication:JwtBearer:IsEnabled"]))
{
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = "JwtBearer";
options.DefaultChallengeScheme = "JwtBearer";
}).AddJwtBearer("JwtBearer", options =>
{
options.Audience = configuration["Authentication:JwtBearer:Audience"];
options.TokenValidationParameters = new TokenValidationParameters
{
// The signing key must match!
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(configuration["Authentication:JwtBearer:SecurityKey"])),
// Validate the JWT Issuer (iss) claim
ValidateIssuer = true,
ValidIssuer = configuration["Authentication:JwtBearer:Issuer"],
// Validate the JWT Audience (aud) claim
ValidateAudience = true,
ValidAudience = configuration["Authentication:JwtBearer:Audience"],
// Validate the token expiry
ValidateLifetime = true,
// If you want to allow a certain amount of clock drift, set that here
ClockSkew = TimeSpan.Zero,
};
options.Events = new JwtBearerEvents
{
OnMessageReceived = context =>
{
var authorizationIsHave = context.Request.Headers.TryGetValue("Authorization", out _);
if (authorizationIsHave)
{
return Task.CompletedTask;
}
var authorization2IsHave = context.Request.Headers.TryGetValue("Authorization2", out var token);
if (authorization2IsHave)
{
context.Request.Headers.Add("Authorization", token);
}
return Task.CompletedTask;
}
};
});
}
}