如何拒绝一个身份?我的类继承自 OAuthBearerAuthenticationProvider 并且我有 ValidateIdentity 的覆盖?
我试过设置 context.Rejected();或 context.SetError();并抛出异常但我的 Controller 仍然被调用。 OAuthBearerAuthenticationHandler 会调用我的类,所以我知道我的设置是正确的。
我当前的失败代码
public void ConfigureAuth ( IAppBuilder app )
{
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerAuthentication ( new OAuthBearerAuthenticationOptions ()
{
Provider = new OAuthBearerAuthenticationProvider ()
{
OnValidateIdentity = async ctx => { ctx.Rejected (); }
}
} );
app.UseOAuthBearerTokens(OAuthOptions);
}
最佳答案
我无法重现这个问题。你能检查一下你的 OnValidateIdentity 实现是否相同吗?
OAuthBearerOptions = new OAuthBearerAuthenticationOptions()
{
Provider = new OAuthBearerAuthenticationProvider
{
OnValidateIdentity = async ctx =>
{
ctx.Rejected();
}
}
};
关于c# - 你如何拒绝 Katana Bearer token 身份,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19552991/