.net core 集成jwtBearer认证后,服务器接收时修改request header中Authorization这个key的名称
作者:互联网
由于客户服务器拦截了request header中的Authorization参数,导致无法正常授权访问。
找了半天目前只有这种方法可以变相解决
AddJwtBearer->OnMessageReceived方法中做简单修改,就可以接收到前台传递的Authorization2这个key了
public static void Configure(IServiceCollection services, IConfiguration configuration) { if (bool.Parse(configuration["Authentication:JwtBearer:IsEnabled"])) { services.AddAuthentication(options => { options.DefaultAuthenticateScheme = "JwtBearer"; options.DefaultChallengeScheme = "JwtBearer"; }).AddJwtBearer("JwtBearer", options => { options.Audience = configuration["Authentication:JwtBearer:Audience"]; options.TokenValidationParameters = new TokenValidationParameters { // The signing key must match! ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(configuration["Authentication:JwtBearer:SecurityKey"])), // Validate the JWT Issuer (iss) claim ValidateIssuer = true, ValidIssuer = configuration["Authentication:JwtBearer:Issuer"], // Validate the JWT Audience (aud) claim ValidateAudience = true, ValidAudience = configuration["Authentication:JwtBearer:Audience"], // Validate the token expiry ValidateLifetime = true, // If you want to allow a certain amount of clock drift, set that here ClockSkew = TimeSpan.Zero, }; options.Events = new JwtBearerEvents { OnMessageReceived = context => { var authorizationIsHave = context.Request.Headers.TryGetValue("Authorization", out _); if (authorizationIsHave) { return Task.CompletedTask; } var authorization2IsHave = context.Request.Headers.TryGetValue("Authorization2", out var token); if (authorization2IsHave) { context.Request.Headers.Add("Authorization", token); } return Task.CompletedTask; } }; }); } }
标签:core,header,request,JwtBearer,Authentication,context,configuration,true,options 来源: https://www.cnblogs.com/feigao/p/14120582.html