1

我正在尝试使用 IdentityServer 4 配置 GraphQL-dotnet 身份验证,但无法使令牌验证正常工作。在 UI-playground 中,我使用 Chrome ModHeader 扩展来添加身份验证标头,但似乎 api 没有注册令牌 - 它失败并显示“您无权运行此查询。当前用户必须经过身份验证。” . 有什么我想念的吗?先感谢您。

services
    .AddHttpContextAccessor()
    .AddTransient<GraphQL.Validation.IValidationRule, GraphQL.Server.Authorization.AspNetCore.AuthorizationValidationRule>()
    .AddAuthorizationCore(_ => {
        _.AddPolicy(Policies.Authorized, p => p.RequireAuthenticatedUser());
    })
    .AddGraphQL(_ => {
        _.SetFieldMiddleware = true;
        _.EnableMetrics = true;
        _.ExposeExceptions = !_hostEnvironment.IsProduction();
    })
    .AddGraphTypes(ServiceLifetime.Scoped)
    .AddUserContextBuilder(httpContext => httpContext.User);

services           
    .AddAuthentication(_ => {
        _.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        _.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        _.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddIdentityServerAuthentication(options => {
        options.Authority = "http://localhost:5102";
        options.SupportedTokens = SupportedTokens.Jwt;
        options.RequireHttpsMetadata = false; // Note: Set to true in production
        options.ApiName = "api1"; // Audience
    });
4

0 回答 0