我有以下启动代码
services.AddAuthentication(opt =>
{
opt.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
opt.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = false,
ValidateIssuerSigningKey = false,
NameClaimType = "uid",
ValidateActor = false,
ValidateSignatureLast = false,
ValidateTokenReplay = false,
ValidateWithLKG = false,
SignatureValidator = (token, parameters) => new JwtSecurityToken(token)
};
});
services.AddAuthorizationBuilder()
.AddPolicy("WithUserIdOnly", policy => policy.RequireClaim("uid"));
但是自从我升级到.net8后,我总是收到401响应。
Api 看起来像这样:
[ApiController]
[Authorize(Policy = "WithUserIdOnly")]
public class MyController : ControllerBase
{
[HttpGet]
public async Task<ActionResult<Resp>> Get()
{}
}
可以通过从 System.IdentityModel.Tokens.Jwt.JwtSecurityToken 更改为 Microsoft.AspNetCore.Authentication.JwtBearer.JsonWebToken
来解决