首页新闻找找看学习计划

webapi 采用Owin认证, 提示{"Message":"已拒绝为此请求授权。"}错误。

0
悬赏园豆:50 [待解决问题]
   /// <summary>
    /// 
    /// </summary>
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
            {
                AccessTokenProvider = new AuthenticationTokenProvider()
                {
                    OnCreate = (context) =>
                    {

                    },
                    OnCreateAsync = (context) =>
                    {
                        var d = context;
                        return Task.FromResult(0);
                    },
                    OnReceive = (context) =>
                    {
                        var d = context;
                    },
                    OnReceiveAsync = (context) =>
                    {
                        //这里可以解析自定义Token
                        //var d = context;

                        //var identity = new ClaimsIdentity(new GenericIdentity("测试", OAuthDefaults.AuthenticationType));

                        //AuthenticationProperties properties = new AuthenticationProperties();
                        //properties.Dictionary.Add("userName", "测试");

                        //AuthenticationTicket ticket = new AuthenticationTicket(identity, properties);

                        //context.SetTicket(ticket);
                        return Task.FromResult(0);
                    }
                },
                Provider = new OAuthBearerAuthenticationProvider()
                {
                    OnRequestToken = (context) =>
                    {
                        string token = context.Token;
                        return Task.FromResult(0);
                    },
                    OnValidateIdentity = (context) =>
                    {
                        return Task.FromResult(0);
                    }
                }
            });
        }
    }

 

 startup.cs文件如上。

 

无法获取得到this.Principal.Identity.Name,

访问如:

  [Authorize]
        // GET api/values
        public IEnumerable<string> Get()
        {
            return new string[] { "value1", "value2" };
        }

方法,报{"Message":"已拒绝为此请求授权。"}错误。

不知道哪里需要做十么配置?

起点2014的主页 起点2014 | 初学一级 | 园豆:156
提问于:2015-12-28 16:40
< >
分享
所有回答(4)
2

 

 

我也是今天才了解到OWIN,VS新建个WebAPI项目遇到这问题。

OWIN认证方式我还不熟,但此方法我能够测试成功了。

我的解决办法是:Controller加上[AllowAnonymous]特性,或将[Authorize]特性取消,在运行浏览器中输入localhost:6980/api/values/就能有结果了。

[Authorize]结合OWIN的使用,可在项目Provider文件夹下的类ApplicationOAuthProvider中找出些蹊跷。。

而未授权的错误提示实现在Results文件夹下ChallengeResult类中的ExecuteAsync方法中。我这也不太懂,你写的代码我也看不太懂,Controller加了[Authorize],新的WebAPI有采用了新的验证方式,是不是要提供界面进行账号注册,然后才能Get Method的资料呢?不懂啊啊。还在研究中

 

Cornelius | 园豆:80 (初学一级) | 2015-12-29 20:34
0

权限不够

魔战天地 | 园豆:225 (菜鸟二级) | 2016-01-06 17:41
0

请求localhost:6980/api/values需要带上Token

获取Token:localhost:6980/token

 

 

参考以下代码:

 1 using System;
 2 using System.Collections.Generic;
 3 using System.Net.Http;
 4 using System.Net.Http.Headers;
 5 using System.Text;
 6 using System.Threading.Tasks;
 7 
 8 namespace OAuthClientTest
 9 {
10     public class OAuthClientTest
11     {
12         private HttpClient _httpClient;
13 
14         public OAuthClientTest()
15         {
16             _httpClient = new HttpClient();
17             _httpClient.BaseAddress = new Uri("http://localhost:13655");
18         }
19 
20         public string Call_WebAPI_By_Access_Token()
21         {
22             var token = Get_Accesss_Token_By_Client_Credentials_Grant();
23             _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
24             return _httpClient.GetStringAsync("/api/values").Result;
25         }
26 
27         public string Get_Accesss_Token_By_Client_Credentials_Grant()
28         {
29             var parameters = new Dictionary<string, string>();
30             parameters.Add("client_id", "1234");
31             parameters.Add("client_secret", "5678");
32             parameters.Add("grant_type", "client_credentials");
33 
34             return _httpClient.PostAsync("/token", new FormUrlEncodedContent(parameters))
35                               .Result.Content.ReadAsStringAsync().Result;
36         }
37 
38         // 使用Basic Authentication传递clientId与clientSecret
39         public void Get_Accesss_Token_By_Client_Credentials_Grant2()
40         {
41             var clientId = "1234";
42             var clientSecret = "5678";
43             _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(
44                     "Basic",
45                     Convert.ToBase64String(Encoding.ASCII.GetBytes(clientId + ":" + clientSecret)));
46 
47             var parameters = new Dictionary<string, string>();
48             parameters.Add("grant_type", "client_credentials");
49 
50             Console.WriteLine(_httpClient.PostAsync("/token", new FormUrlEncodedContent(parameters))
51                 .Result.Content.ReadAsStringAsync().Result);
52         }
53     }
54 }

 

漂亮的猫 | 园豆:179 (初学一级) | 2016-02-13 16:26
0

返回的是 {"Message":"已拒绝为此请求授权。"},我想返回自己定义格式的数据,怎么做?

邢帅杰 | 园豆:205 (菜鸟二级) | 2017-10-27 15:39
清除回答草稿
   您需要登录以后才能回答,未注册用户请先注册