c# – 你如何拒绝Katana Bearer令牌的身份
作者:互联网
我怎么能拒绝身份?我的类继承自OAuthBearerAuthenticationProvider并且我重写了ValidateIdentity?
我试过设置context.Rejected();或context.SetError();并抛出异常,但我的控制器仍然被调用. OAuthBearerAuthenticationHandler会调用我的类,所以我知道我的设置正确.
我目前的失败代码
public void ConfigureAuth ( IAppBuilder app )
{
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerAuthentication ( new OAuthBearerAuthenticationOptions ()
{
Provider = new OAuthBearerAuthenticationProvider ()
{
OnValidateIdentity = async ctx => { ctx.Rejected (); }
}
} );
app.UseOAuthBearerTokens(OAuthOptions);
}
解决方法:
我无法重复这个问题.你能检查一下OnValidateIdentity的实现是否相同?
OAuthBearerOptions = new OAuthBearerAuthenticationOptions()
{
Provider = new OAuthBearerAuthenticationProvider
{
OnValidateIdentity = async ctx =>
{
ctx.Rejected();
}
}
};
标签:c,asp-net-web-api,owin,katana 来源: https://codeday.me/bug/20190629/1324832.html