2

嗨,我面临一个奇怪的问题,CORS 适用于所有其他功能,但具有 [authorize] 属性的功能除外。我正在使用openiddict对 JWTmiddleware进行授权。服务器托管在 IIS8 上,客户端应用程序位于 angular2 中。它显示以下错误。

XMLHttpRequest 无法加载 example.com/resource。对预检请求的响应未通过访问控制检查:请求的资源上不存在“Access-Control-Allow-Origin”标头。因此,不允许访问源“ http://localhost:58056 ”。

如果您想查看任何特定代码或需要更多信息,请告诉我。

 app.UseStaticFiles();
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();
            loggerFactory.AddConsole();
            app.UseIdentity();
            app.UseSession();
            app.UseGoogleAuthentication(new GoogleOptions
            {
                ClientId = "862227465575-q1spfclcfvflg4tpesfkle4e0jc3q987.apps.googleusercontent.com",
                ClientSecret = "ozzg2VvH2TYbSbBYWE_HIYG5"

            });

            app.UseTwitterAuthentication(new TwitterOptions
            {
                ConsumerKey = "6XaCTaLbMqfj6ww3zvZ5g",
                ConsumerSecret = "Il2eFzGIrYhz6BWjYhVXBPQSfZuS4xoHpSSyD9PI"
            });
            app.UseCors("AllowSpecificOrigin");
            app.UseJwtBearerAuthentication(new JwtBearerOptions
            {
                AutomaticAuthenticate = true,
                AutomaticChallenge = true,
               RequireHttpsMetadata = false
            });
            app.UseOpenIddict();
            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
                routes.MapRoute(
                    name: "spa-fallback",
                    template: "{*url}",
                    defaults: new { controller = "Home", action = "Index" });
            });

例外

Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException:IDX10 501:签名验证失败。无法匹配 'kid':'7FG4SQ4TIATESTLI-ZDHTL RYPWIEDU_RA1FVG91D',令牌:'{"alg":"RS256","typ":"JWT","kid":"7FG4SQ4TIATESTLI-ZDHTLRYPWIEDU_RA1FVG9 1D"}

4

0 回答 0