.net core 集成jwtBearer認證后,服務器接收時修改request header中Authorization這個key的名稱


由於客戶服務器攔截了request header中的Authorization參數,導致無法正常授權訪問。

找了半天目前只有這種方法可以變相解決

AddJwtBearer->OnMessageReceived方法中做簡單修改,就可以接收到前台傳遞的Authorization2這個key了

public static void Configure(IServiceCollection services, IConfiguration configuration)
        {
            if (bool.Parse(configuration["Authentication:JwtBearer:IsEnabled"]))
            {
                services.AddAuthentication(options =>
                {
                    options.DefaultAuthenticateScheme = "JwtBearer";
                    options.DefaultChallengeScheme = "JwtBearer";
                }).AddJwtBearer("JwtBearer", options =>
                {
                    options.Audience = configuration["Authentication:JwtBearer:Audience"];

                    options.TokenValidationParameters = new TokenValidationParameters
                    {
                        // The signing key must match!
                        ValidateIssuerSigningKey = true,
                        IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(configuration["Authentication:JwtBearer:SecurityKey"])),

                        // Validate the JWT Issuer (iss) claim
                        ValidateIssuer = true,
                        ValidIssuer = configuration["Authentication:JwtBearer:Issuer"],

                        // Validate the JWT Audience (aud) claim
                        ValidateAudience = true,
                        ValidAudience = configuration["Authentication:JwtBearer:Audience"],

                        // Validate the token expiry
                        ValidateLifetime = true,

                        // If you want to allow a certain amount of clock drift, set that here
                        ClockSkew = TimeSpan.Zero,
                    };

                    options.Events = new JwtBearerEvents
                    {
                        OnMessageReceived = context =>
                        {
                            var authorizationIsHave = context.Request.Headers.TryGetValue("Authorization", out _);
                            if (authorizationIsHave)
                            {
                                return Task.CompletedTask;
                            }
                            var authorization2IsHave = context.Request.Headers.TryGetValue("Authorization2", out var token);
                            if (authorization2IsHave)
                            {
                                context.Request.Headers.Add("Authorization", token);
                            }
                            return Task.CompletedTask; } };
                });
            }
        }

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM