How do you reject the identity of a Katana bearer token

Updated: 2023-09-27 18:36:33

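How do I reject the identity? My class inherits from OAuthBearerAuthenticationProvider and I have overridden ValidateIdentity.

I have tried calling context.Rejected(); or context.SetError(); and throwing an exception, but my controllers still get called. OAuthBearerAuthenticationHandler does call my class, so I know my setup is correct.

My current failing code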

        public void ConfigureAuth ( IAppBuilder app )
        {
            // Enable the application to use a cookie to store information for the signed in user
            // and to use a cookie to temporarily store information about a user logging in with a third party login provider
            app.UseCookieAuthentication(new CookieAuthenticationOptions());
            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
            // Enable the application to use bearer tokens to authenticate users
            app.UseOAuthBearerAuthentication ( new OAuthBearerAuthenticationOptions ()
            {
                Provider = new OAuthBearerAuthenticationProvider ()
                {
                    OnValidateIdentity = async ctx => { ctx.Rejected (); }
                }
            } );
            app.UseOAuthBearerTokens(OAuthOptions);
        }

How do you reject the identity of a Katana bearer token

I am unable to reproduce the issue. Can you check whether your implementation of OnValidateIdentity is the same?

        OAuthBearerOptions = new OAuthBearerAuthenticationOptions()
        {
            Provider = new OAuthBearerAuthenticationProvider
            {
                OnValidateIdentity = async ctx =>
                    {
                        ctx.Rejected();
                    }
            }
        };
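
An added example (not code from the question or the answer) that shows the rejection path end to end. In Katana, `Rejected()` only stops the bearer middleware from attaching an identity; the request continues down the pipeline as anonymous, so an authorization filter is what turns it into a 401. The Web API host, the `jti` claim type, the revoked-id set and `OrdersController` are assumptions made for illustration.

```csharp
using System.Collections.Generic;
using System.Threading.Tasks;
using System.Web.Http;
using Microsoft.Owin.Security.OAuth;
using Owin;

// Hypothetical provider: rejects tickets whose token id is missing or revoked.
public class RevocationAwareBearerProvider : OAuthBearerAuthenticationProvider
{
    // Constructed sample data; a real deployment would query a revocation store.
    private static readonly HashSet<string> RevokedTokenIds =
        new HashSet<string> { "example-revoked-token-id" };

    public override Task ValidateIdentity(OAuthValidateIdentityContext context)
    {
        var identity = context.Ticket.Identity;
        var tokenId = identity == null ? null : identity.FindFirst("jti"); // assumed claim type
        if (tokenId == null || RevokedTokenIds.Contains(tokenId.Value))
        {
            // The handler then returns no ticket, so the request carries no identity.
            context.Rejected();
        }
        return Task.FromResult<object>(null);
    }
}

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
        {
            Provider = new RevocationAwareBearerProvider()
        });

        var config = new HttpConfiguration();
        config.MapHttpAttributeRoutes();
        // Without an authorization filter, a rejected (anonymous) request still reaches the action.
        config.Filters.Add(new AuthorizeAttribute());
        app.UseWebApi(config);
    }
}

public class OrdersController : ApiController
{
    [Route("api/orders")]
    public IHttpActionResult Get()
    {
        return Ok(User.Identity.Name); // only reached with a validated identity
    }
}
```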