BlazorWASMonASP.NETCorewithOpenIddictgRPCunauthorizedrequestsnotworkingevenwith[AllowAnonymous]
- 在gRPC服务端的Startup.cs文件中添加下列代码:
services.AddAuthorization(options => { options.DefaultPolicy = new AuthorizationPolicyBuilder() .RequireAuthenticatedUser() .AddRequirements(new AllowAnonymousAttribute()) .Build(); });
- 然后,在gRPC客户端的Program.cs文件中添加下列代码:
var metadata = new Metadata(); metadata.Add("Authorization", "Bearer " + token);
- 将token替换成实际的JWT令牌,运行应用程序即可解决问题。
完整代码示例:
在gRPC服务端Startup.cs文件中:
public void ConfigureServices(IServiceCollection services) { services.AddGrpc(); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { options.Authority = "https://localhost:5001"; options.Audience = "resource_server"; options.TokenValidationParameters = new TokenValidationParameters { ValidateAudience = false }; });
services.AddAuthorization(options =>
{
options.DefaultPolicy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.AddRequirements(new AllowAnonymousAttribute())
.Build();
});
}
在gRPC客户端Program.cs文件中:
static async Task Main(string[] args) { var httpClientHandler = new HttpClientHandler { ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator }; var httpClient = new HttpClient(httpClientHandler) { BaseAddress = new Uri("https://localhost:5002") }; var channel = GrpcChannel.ForAddress("https://localhost:5003", new GrpcChannelOptions { HttpClient = httpClient }); var client = new Greeter.GreeterClient(channel);
var token = await GetAccessToken();
var metadata = new Metadata();
metadata.Add("Authorization", "Bearer " + token);
var reply = await client.SayHelloAsync(new HelloRequest { Name = "GreeterClient" }, metadata);
Console.WriteLine("Greeting: " + reply.Message);
}
注意:GetAccessToken()方法用于获取JWT令牌,需要根据实际情
上一篇:BlazorWASMOIDC提示无论我如何设置,重定向URI都未定义。
下一篇:BlazorWASMonASP.NETCorewithOpenIddictgRPC未授权请求即使有[AllowAnonymous]也无法工作。