J'utilise une API ASP.Net Core 3.0 avec EntityFramework Core comme UserStorage. Startup.cs:<pre class="lang-cs prettyprint-override"><code> public void ConfigureServices(IServiceCollection services) { using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.SpaServices.AngularCli; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using Microsoft.IdentityModel.Tokens; using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; . . . //Add Identity Provider with EntityFramework services.AddIdentity<User, IdentityRole>() .AddEntityFrameworkStores<ApplicationDBContext>() .AddDefaultTokenProviders(); //Initialize EntityFramework services.AddDbContext<ApplicationDBContext>(options => options.UseSqlite(Configuration.GetConnectionString("localDB"))); //Initialize JWT Authentication services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(jwtBearerOptions => { jwtBearerOptions.TokenValidationParameters = new TokenValidationParameters() { ValidateIssuer = true, ValidateAudience = true, ValidateLifetime = true, ValidateIssuerSigningKey = true, ValidIssuer = "http://localhost:44352", ValidAudience = "http://localhost:44352", IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("Secrets")["jwt"])) }; } ); services.AddMvc(options => options.EnableEndpointRouting = false) .AddNewtonsoftJson(); // In production, the Angular files will be served from this directory services.AddSpaStaticFiles(configuration => { configuration.RootPath = "ClientApp/dist"; }); } . . . app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseSpaStaticFiles(); //Enable Authentication app.UseAuthentication(); app.UseAuthorization(); . . . app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller}/{action=Index}/{id?}"); }); . . . </code></pre>Voici mon code émettant un jeton JWT:<pre class="lang-cs prettyprint-override"><code> public async Task<IActionResult> Login() { using (var reader = new StreamReader(Request.Body)) { var body = await reader.ReadToEndAsync(); var cred = JsonConvert.DeserializeObject<Credentials>(body); var result = (await userService.LoginUser(cred.userName, cred.password)); if (result == 200) { var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration.GetSection("Secrets")["jwt"])); var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256Signature); var roles = await userService.GetRoleFromUsername(cred.userName); var rolesString = JsonConvert.SerializeObject(roles); var tokeOptions = new JwtSecurityToken( issuer: "http://localhost:44352", audience: "http://localhost:44352", claims: new List<Claim>(new List<Claim> { new Claim("userName",cred.userName), new Claim("roles", rolesString) }), expires: DateTime.Now.AddHours(1), signingCredentials: signinCredentials ); </code></pre>Ceci est mon appel d'API utilisant l'autorisation:<pre class="lang-cs prettyprint-override"><code> [Route("api/videos/add")] [Authorize(Roles = "Admin")] [HttpPost] public async Task<IActionResult> AddVideo() { using (var reader = new StreamReader(Request.Body)) { var body = await reader.ReadToEndAsync(); var video = JsonConvert.DeserializeObject<Video>(body); await videoService.AddVideo(video); return Ok(); } } </code></pre>Mes packages NuGet sont:<ul> <li>Microsoft.EntityFrameworkCore {3.0.0-preview5.19227.1}</li> <li>Microsoft.EntityFrameworkCore.Sqlite {3.0.0-preview5.19227.1}</li> <li>Microsoft.AspNetCore.Authentication.JwtBearer {3.0.0-preview4-19216-03}</li> <li>Microsoft.EntityFrameworkCore.Sqlite.Core {3.0.0-preview5.19227.1}</li> <li>Microsoft.NETCore.Platforms {3.0.0-preview4.19212.13}</li> <li>Microsoft.AspNetCore.Mvc.NewtonsoftJson {3.0.0-preview5-19227-01}</li> <li>Microsoft.AspNetCore.SpaServices.Extensions {3.0.0-preview5-19227-01}</li> <li>Microsoft.AspNetCore.Identity.EntityFrameworkCore {3.0.0-preview5-19227-01}</li> <li>runtime.win-x64.Microsoft.NETCore.DotNetAppHost {3.0.0-preview4-27615-11}</li> </ul>Le problème que j'ai, c'est que si j'appelle cette partie API, j'obtiens l'erreur:Information: le porteur n'a pas été authentifié. Message d'échec: aucun SecurityTokenValidator disponible pour le jeton:Toute aide serait très appréciée, car je ne trouve pas l'erreur

Jeton de support JWT ASP.Net Core 3.0 Pas de SecurityTokenValidator disponible

J'utilise une API ASP.Net Core 3.0 avec EntityFramework Core comme UserStorage. Startup.cs:

        public void ConfigureServices(IServiceCollection services)
            {
             using Microsoft.AspNetCore.Authentication.JwtBearer;
             using Microsoft.AspNetCore.Builder;
             using Microsoft.AspNetCore.Hosting;
             using Microsoft.AspNetCore.Identity;
             using Microsoft.AspNetCore.SpaServices.AngularCli;
             using Microsoft.EntityFrameworkCore;
             using Microsoft.Extensions.Configuration;
             using Microsoft.Extensions.DependencyInjection;
             using Microsoft.Extensions.Hosting;
             using Microsoft.IdentityModel.Tokens;
             using System;
             using System.Collections.Generic;
             using System.Linq;
             using System.Text;
             using System.Threading.Tasks;
                .
                .
                .

                //Add Identity Provider with EntityFramework
                services.AddIdentity<User, IdentityRole>()
                .AddEntityFrameworkStores<ApplicationDBContext>()
                .AddDefaultTokenProviders();

                //Initialize EntityFramework
                services.AddDbContext<ApplicationDBContext>(options => options.UseSqlite(Configuration.GetConnectionString("localDB")));

                //Initialize JWT Authentication
                services.AddAuthentication(options => {
                    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
                }).AddJwtBearer(jwtBearerOptions =>
                {
                    jwtBearerOptions.TokenValidationParameters = new TokenValidationParameters()
                    {
                        ValidateIssuer = true,
                        ValidateAudience = true,
                        ValidateLifetime = true,
                        ValidateIssuerSigningKey = true,

                        ValidIssuer = "http://localhost:44352",
                        ValidAudience = "http://localhost:44352",
                        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("Secrets")["jwt"]))
                    };
                }
                );
                services.AddMvc(options => options.EnableEndpointRouting = false)
                    .AddNewtonsoftJson();

                // In production, the Angular files will be served from this directory
                services.AddSpaStaticFiles(configuration =>
                {
                    configuration.RootPath = "ClientApp/dist";
                });
            }

            .
            .
            .


                app.UseHttpsRedirection();
                app.UseStaticFiles();
                app.UseSpaStaticFiles();

                //Enable Authentication
                app.UseAuthentication();
                app.UseAuthorization();

                .
                .
                .

                app.UseMvc(routes =>
                {
                    routes.MapRoute(
                        name: "default",
                        template: "{controller}/{action=Index}/{id?}");
                });


    .
    .
    .

Voici mon code émettant un jeton JWT:


public async Task<IActionResult> Login()
        {
            using (var reader = new StreamReader(Request.Body))
            {
                var body = await reader.ReadToEndAsync();
                var cred = JsonConvert.DeserializeObject<Credentials>(body);
                var result = (await userService.LoginUser(cred.userName, cred.password));
                if (result == 200)
                {

                    var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration.GetSection("Secrets")["jwt"]));
                    var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256Signature);

                    var roles = await userService.GetRoleFromUsername(cred.userName);
                    var rolesString = JsonConvert.SerializeObject(roles);

                    var tokeOptions = new JwtSecurityToken(
                                issuer: "http://localhost:44352",
                                audience: "http://localhost:44352",
                                claims: new List<Claim>(new List<Claim> {
                                        new Claim("userName",cred.userName),
                                        new Claim("roles", rolesString)
                                }),
                                expires: DateTime.Now.AddHours(1),
                                signingCredentials: signinCredentials
                    );

Ceci est mon appel d'API utilisant l'autorisation:


[Route("api/videos/add")]
[Authorize(Roles = "Admin")]
[HttpPost]
public async Task<IActionResult> AddVideo()
{
    using (var reader = new StreamReader(Request.Body))
    {
        var body = await reader.ReadToEndAsync();
        var video = JsonConvert.DeserializeObject<Video>(body);
        await videoService.AddVideo(video);
        return Ok();
    }
}

Mes packages NuGet sont:

Microsoft.EntityFrameworkCore {3.0.0-preview5.19227.1}
Microsoft.EntityFrameworkCore.Sqlite {3.0.0-preview5.19227.1}
Microsoft.AspNetCore.Authentication.JwtBearer {3.0.0-preview4-19216-03}
Microsoft.EntityFrameworkCore.Sqlite.Core {3.0.0-preview5.19227.1}
Microsoft.NETCore.Platforms {3.0.0-preview4.19212.13}
Microsoft.AspNetCore.Mvc.NewtonsoftJson {3.0.0-preview5-19227-01}
Microsoft.AspNetCore.SpaServices.Extensions {3.0.0-preview5-19227-01}
Microsoft.AspNetCore.Identity.EntityFrameworkCore {3.0.0-preview5-19227-01}
runtime.win-x64.Microsoft.NETCore.DotNetAppHost {3.0.0-preview4-27615-11}

Le problème que j'ai, c'est que si j'appelle cette partie API, j'obtiens l'erreur:

Information: le porteur n'a pas été authentifié. Message d'échec: aucun SecurityTokenValidator disponible pour le jeton:

Toute aide serait très appréciée, car je ne trouve pas l'erreur

c#angularasp.net-core-webapiasp.net-core-3.0

3 juin 2019Dieter Köberl

J'ai géré ce problème comme ceci:

client.DefaultRequestHeaders.Add("Authorization", $"Bearer {token.Replace("\"", "")}");

Pas la meilleure solution, mais cela a fonctionné.

3 déc. 2019DanielV