httprequestmessage do do do d occande＆＃x27;

发布于 2025-01-31 19:01:26 字数 1421 浏览 2 评论 0原文

我有httpclient，带有defaultrequestheaders.authorization header。我像下面的代码段一样设置此标头，但在httprequestmessage上不存在。

_httpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {_authInfo.AccessToken}");

然后，使用此HTTP客户端进行发布请求，并接收401未经授权状态代码。

var response = await _httpClient.PostAsync("Tokens/Revoke", content);

upd： 要检查问题是否真的与Defaultrequestheaders有关，我使用了所需的授权标题创建了一个httprequestmessage，但这并不有用。

using var reqMsg = new HttpRequestMessage
{
    RequestUri = new Uri("http://localhost:5080/Tokens/Revoke"),
    Method = HttpMethod.Post,
    Content = content,
    Headers = { {"Authorization", $"Bearer {_authInfo.AccessToken}"} }
};
var response = await _httpClient.SendAsync(reqMsg, HttpCompletionOption.ResponseHeadersRead);

然后，我在我的后端服务的请求验证中间件上设置了一个断点，以检查标头是否存在。不幸的是，它不在。我不明白这是如何工作的。看起来像黑魔法。

有人可以把我指向我应该挖的地方吗？

调试的一些屏幕截图

原文

I have HttpClient with a DefaultRequestHeaders.Authorization header. I set this header like in the code snippet below, but it's not present at the HttpRequestMessage.

_httpClient.DefaultRequestHeaders.Add("Authorization", quot;Bearer {_authInfo.AccessToken}");

Then make a POST request with this HTTP client and receive a 401 Unauthorized status code.

var response = await _httpClient.PostAsync("Tokens/Revoke", content);

UPD:
To check whether the issue is really with DefaultRequestHeaders, I created a HttpRequestMessage with the required authorization header, but that wasn't helpful.

using var reqMsg = new HttpRequestMessage
{
    RequestUri = new Uri("http://localhost:5080/Tokens/Revoke"),
    Method = HttpMethod.Post,
    Content = content,
    Headers = { {"Authorization", quot;Bearer {_authInfo.AccessToken}"} }
};
var response = await _httpClient.SendAsync(reqMsg, HttpCompletionOption.ResponseHeadersRead);

Then I set a breakpoint at request validation middleware at my backend service to check if the header is present. And unfortunately, it wasn't there. I can't understand how that works. It looks like black magic.

Can somebody please point me where I should dig?

Some screenshots from debugging

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

凉月流沐 2025-02-07 19:01:26

我的web.api使用携带者令牌，我不得不添加此信息：

builder.Services.AddAuthentication("Bearer").AddJwtBearer(options =>
{
    options.TokenValidationParameters = new()
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = builder.Configuration["Authentication:Issuer"],
        ValidAudience = builder.Configuration["Authentication:Audience"],
        IssuerSigningKey = new SymmetricSecurityKey(
            Encoding.ASCII.GetBytes(builder.Configuration["Authentication:SecretForKey"]))
    };
});

尝试使用此功能。

My web.api use bearer token and i had to add this:

builder.Services.AddAuthentication("Bearer").AddJwtBearer(options =>
{
    options.TokenValidationParameters = new()
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = builder.Configuration["Authentication:Issuer"],
        ValidAudience = builder.Configuration["Authentication:Audience"],
        IssuerSigningKey = new SymmetricSecurityKey(
            Encoding.ASCII.GetBytes(builder.Configuration["Authentication:SecretForKey"]))
    };
});

Try work with this.

回复收藏 0 原文

~没有更多了~