由於客戶服務器攔截了request header中的Authorization參數,導致無法正常授權訪問。
找了半天目前只有這種方法可以變相解決
在 AddJwtBearer 的 OnMessageReceived 事件中做簡單修改:當請求沒有 Authorization 標頭時,改讀前台傳遞的 Authorization2 這個 key,並把它複製到 Authorization。其值仍須是「Bearer <token>」格式,之後的簽章、簽發者、受眾與有效期驗證照常進行。
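/// <summary>
/// Registers JWT bearer authentication under the "JwtBearer" scheme when
/// <c>Authentication:JwtBearer:IsEnabled</c> is true in configuration.
/// </summary>
/// <remarks>
/// Some intermediaries strip or blank the standard <c>Authorization</c> header.
/// As a workaround, the <c>OnMessageReceived</c> hook copies a client-supplied
/// <c>Authorization2</c> header into <c>Authorization</c> when the standard header
/// carries no value. The copied value goes through the same signature, issuer,
/// audience and lifetime validation as any other bearer token.
/// </remarks>
/// <param name="services">Service collection that receives the authentication registration.</param>
/// <param name="configuration">
/// Configuration providing the <c>Authentication:JwtBearer:*</c> settings
/// (IsEnabled, Audience, SecurityKey, Issuer).
/// </param>
/// <exception cref="ArgumentNullException">
/// Thrown by <c>bool.Parse</c> when the IsEnabled setting is missing.
/// </exception>
/// <exception cref="FormatException">
/// Thrown by <c>bool.Parse</c> when the IsEnabled setting is not a valid boolean.
/// </exception>
public static void Configure(IServiceCollection services, IConfiguration configuration)
{
    // Fail fast on a missing or malformed flag rather than guessing a default.
    if (!bool.Parse(configuration["Authentication:JwtBearer:IsEnabled"]))
    {
        return;
    }

    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = "JwtBearer";
        options.DefaultChallengeScheme = "JwtBearer";
    }).AddJwtBearer("JwtBearer", options =>
    {
        options.Audience = configuration["Authentication:JwtBearer:Audience"];

        options.TokenValidationParameters = new TokenValidationParameters
        {
            // The signing key must match!
            // NOTE(review): Encoding.ASCII maps every non-ASCII character to '?', so a
            // secret containing such characters yields weaker key material than intended.
            // The encoding has to stay in sync with whatever issues the tokens, so it is
            // left unchanged here. Keep the secret long, random and out of source control.
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(
                Encoding.ASCII.GetBytes(configuration["Authentication:JwtBearer:SecurityKey"])),

            // Validate the JWT Issuer (iss) claim
            ValidateIssuer = true,
            ValidIssuer = configuration["Authentication:JwtBearer:Issuer"],

            // Validate the JWT Audience (aud) claim
            ValidateAudience = true,
            ValidAudience = configuration["Authentication:JwtBearer:Audience"],

            // Validate the token expiry
            ValidateLifetime = true,

            // No clock-drift tolerance: a token is rejected the moment it expires.
            ClockSkew = TimeSpan.Zero,
        };

        options.Events = new JwtBearerEvents
        {
            OnMessageReceived = context =>
            {
                var headers = context.Request.Headers;

                // The standard header always wins when it actually carries a value.
                // A header that is present but empty (blanked rather than removed
                // upstream) is treated the same as a missing one.
                if (headers.TryGetValue("Authorization", out var primary)
                    && !string.IsNullOrWhiteSpace(primary.ToString()))
                {
                    return Task.CompletedTask;
                }

                // Fallback header. Its value must still be "Bearer <token>" because the
                // handler parses the Authorization header as usual after this hook.
                // NOTE(review): proxies and log pipelines that redact "Authorization"
                // will not know about "Authorization2"; make sure it is redacted too.
                if (headers.TryGetValue("Authorization2", out var fallback)
                    && !string.IsNullOrWhiteSpace(fallback.ToString()))
                {
                    // Indexer assignment instead of Add: Add throws if an empty
                    // Authorization entry is already in the collection.
                    headers["Authorization"] = fallback;
                }

                return Task.CompletedTask;
            }
        };
    });
}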