我正在编写一个小型授权服务,它将使用 Net Core 1.1 来使用基本身份验证和 JWT 授权。我采用了 Barry Dorans 的示例作为基本身份验证中间件的基础。问题是,有时我的服务会收到没有授权标头的请求,在这种情况下,我希望允许标记为 [AllowAnonymous] 的操作。
ConfigureServices这是获得授权工作的一部分:
_services.AddAuthorization(o =>
{
ClaimOptions authenticatedClaimOptions = new ClaimOptions(CustomClaimTypes.AUTHENTICATED, true);
o.AddPolicy(Policies.AUTHENTICATED, p => p.RequireClaim(authenticatedClaimOptions.ClaimType, authenticatedClaimOptions.ClaimValue));
ClaimOptions tenantMemberClaimOptions = new ClaimOptions(CustomClaimTypes.TENANT_MEMBER, true);
o.AddPolicy(Policies.TENANT_MEMBER, p => p.RequireClaim(tenantMemberClaimOptions.ClaimType, tenantMemberClaimOptions.ClaimValue));
});
_services.AddMvcCore(c =>
{
AuthorizationPolicy policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
c.Filters.Add(new AuthorizeFilter(policy));
// if I uncomment the next line all actions will work as if marked with [AllowAnonymous]
//c.Filters.Add(new AllowAnonymousFilter());
})
.AddApiExplorer()
.AddJsonFormatters(s =>
{
s.ContractResolver = new CamelCasePropertyNamesContractResolver();
s.NullValueHandling …