I have a problem with authentication. I create a JWT token after login, but when I send it to access an endpoint that requires authentication, I get a 401.
    [AllowAnonymous]
    [Route("users/login")]
    public async Task<JWToken> login([FromBody]Login command)
    {
        var user = GETUSER // placeholder in the post: user lookup elided
        if (user == null)
        {
            ERROR // placeholder in the post: error handling elided
        }
        if (user.Password != command.password)
        {
            ERROR // placeholder in the post: error handling elided
        }
        return BuildToken(user);
    }

    [Authorize]
    [Route("users/test")]
    public string test()
    {
        return "test";
    }

    private JWToken BuildToken(User user)
    {
        var now = DateTime.UtcNow;
        var claims = new Claim[]
        {
            new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
            new Claim(JwtRegisteredClaimNames.UniqueName, user.Id.ToString()),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim(JwtRegisteredClaimNames.Iat, now.JWT_ToTimestamp().ToString()),
        };
        var expires = now.AddHours(1);
        var signingCredentials = new SigningCredentials(
            new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])),
            SecurityAlgorithms.HmacSha256);
        var jwt = new JwtSecurityToken(
            issuer: _config["Jwt:Issuer"],
            claims: claims,
            notBefore: now,
            expires: expires,
            signingCredentials: signingCredentials
        );
        var token = new JwtSecurityTokenHandler().WriteToken(jwt);
        return new JWToken
        {
            Token = token,
            Expires = expires.ToTimestamp()
        };
    }
In the response I get

    {
        "token": "eyJhbGciO(...)",
        "expires": 1531785151253
    }

which I then use in POSTMAN/Authorization (attachment).

In ConfigureServices I have
    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                ValidIssuer = Configuration["Jwt:Issuer"],
                ValidAudience = Configuration["Jwt:Issuer"],
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:Key"])),
                ClockSkew = TimeSpan.Zero
            };
        });
The GUID in the claims matches the object's GUID.

Any ideas?
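
An added example, not part of the original post: a console program that replays the post's token settings outside ASP.NET Core. A token built without an audience, as in `BuildToken`, is rejected by the same `TokenValidationParameters` because `ValidateAudience = true` requires an `aud` claim; the same token with `audience` set to the issuer validates. The class name, issuer and key are constructed sample values, and the `System.IdentityModel.Tokens.Jwt` package is assumed to be referenced.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

static class AudienceCheck
{
    // Constructed sample values standing in for Jwt:Issuer and Jwt:Key.
    const string Issuer = "https://example.invalid";
    static readonly SymmetricSecurityKey Key = new SymmetricSecurityKey(
        Encoding.UTF8.GetBytes("constructed-sample-key-0123456789-0123456789-abcdef"));

    // Same constructor call as BuildToken in the post, where audience is not passed (null).
    static string Build(string audience)
    {
        var now = DateTime.UtcNow;
        var jwt = new JwtSecurityToken(
            issuer: Issuer,
            audience: audience,
            claims: new[] { new Claim(JwtRegisteredClaimNames.Sub, Guid.NewGuid().ToString()) },
            notBefore: now,
            expires: now.AddHours(1),
            signingCredentials: new SigningCredentials(Key, SecurityAlgorithms.HmacSha256));
        return new JwtSecurityTokenHandler().WriteToken(jwt);
    }

    // Applies the same checks as the post's AddJwtBearer options and names the failing one.
    static string Validate(string token)
    {
        var parameters = new TokenValidationParameters
        {
            ValidateIssuer = true, ValidateAudience = true,
            ValidateLifetime = true, ValidateIssuerSigningKey = true,
            ValidIssuer = Issuer, ValidAudience = Issuer,
            IssuerSigningKey = Key, ClockSkew = TimeSpan.Zero
        };
        try { new JwtSecurityTokenHandler().ValidateToken(token, parameters, out _); return "valid"; }
        catch (SecurityTokenException ex) { return ex.GetType().Name; }
    }

    static void Main()
    {
        Console.WriteLine("no audience:   " + Validate(Build(audience: null)));
        Console.WriteLine("with audience: " + Validate(Build(audience: Issuer)));
    }
}
```

Running the validation by hand like this surfaces the exception type that the bearer middleware otherwise reduces to a bare 401.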