身份验证时出现连接被拒绝错误 ASP.NET Core 5
Getting connection refused error on authentication ASP.NET Core 5
我正在按照本教程使用 Angular 和 ASP.NET 进行 google 身份验证核心:
但我在 ASP.NET 核心端收到“连接被拒绝”错误。
这是我的 Angular 组件:
import { Component } from '@angular/core';
import { SocialAuthService } from 'angularx-social-login';
import { SocialUser } from 'angularx-social-login';
import { GoogleLoginProvider } from 'angularx-social-login';
import { HttpClient, HttpHeaders } from '@angular/common/http';
@Component({
selector: 'app-root',
templateUrl: './app.component.html',
styleUrls: ['./app.component.css']
})
export class AppComponent {
user: SocialUser | null;
hasApiAccess = false;
constructor(private authService: SocialAuthService, private http: HttpClient)
{
this.user = null;
this.authService.authState.subscribe((user: SocialUser) => {
console.log(user);
if (user) {
this.http.post<any>('http://localhost:5001/user/authenticate', { idToken: user.idToken }).subscribe((authToken: any) => {
console.log(authToken);
let reqHeader = new HttpHeaders({
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + authToken.authToken
});
this.http.get<any>('http://localhost:5002/secured', { headers: reqHeader }).subscribe((data: any) => {
this.hasApiAccess = true;
})
})
}
this.user = user;
});
}
signInWithGoogle(): void {
this.authService.signIn(GoogleLoginProvider.PROVIDER_ID).then((x: any) => console.log(x));
}
signOut(): void {
this.authService.signOut();
this.hasApiAccess = false;
}
}
控制器如下:
using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
namespace GoogleAuthRest.Controllers
{
[ApiController]
[Route("[controller]")]
public class SecuredController : Controller
{
[Authorize]
[HttpGet]
public string Test()
{
return "ok";
}
}
}
和 startup.cs:
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
using Microsoft.OpenApi.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Security.Cryptography;
using Microsoft.Extensions.Options;
namespace GoogleAuthRest
{
public class Startup
{
//configure barer token
public class ConfigureJwtBearerOptions : IConfigureNamedOptions<JwtBearerOptions>
{
public void Configure(string name, JwtBearerOptions options)
{
RSA rsa = RSA.Create();
rsa.ImportRSAPublicKey(Convert.FromBase64String(PUBLIC_KEY), out _);
options.IncludeErrorDetails = true;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new RsaSecurityKey(rsa),
ValidateIssuer = true,
ValidIssuer = "AuthService",
ValidateAudience = true,
ValidAudience = "GoogleAuthRest",
CryptoProviderFactory = new CryptoProviderFactory()
{
CacheSignatureProviders = false
}
};
}
public void Configure(JwtBearerOptions options)
{
throw new NotImplementedException();
}
}
//end
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
// configure Angular client
services.AddCors(options =>
{
options.AddPolicy("AllowAngularDevClient",
builder =>
{
builder
.WithOrigins("http://localhost:4200")
.AllowAnyHeader()
.AllowAnyMethod();
});
});
//end
// Add authentication tokens
services.AddAuthentication(options =>
{
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer();
//end
services.AddControllers();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "GoogleAuthRest", Version = "v1" });
});
// This is the tricky part to inject the configuration so the public key is used to validate the JWT
services.AddTransient<IConfigureOptions<JwtBearerOptions>, ConfigureJwtBearerOptions>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseSwagger();
app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "GoogleAuthRest v1"));
}
//app.UseHttpsRedirection();
app.UseRouting();
app.UseCors("AllowAngularDevClient");
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
private const string PUBLIC_KEY = @"MIICCgKCAgEAtCR2Pii+q9C76P2E9ydHYxnBPjJFGT7MvHuQPKpcS9RImfrkobt0
LPS/406eWm/tRBvnYD9nDpHJNKN3TjEenFQuDGR4RHcGK/e43SAhTAi7+s0tfAQd
6BK4gznIwvs5cWyilh1B7c9sCnxhJ/EYLIe1N2yiD8mhvfojIF4vMYxONIMTGYXy
87lnO9zRAdXAZ39YbtmFmQwK8gfXX5d/XVlKy0tc2y5bRY5iXn9kwqwvFlzL6O4v
pjhqA5kwsJV7efhL9nU0ACR4dG3zwFR3SAOOSETXjnfmjH2ocga+oa65ToypUz2L
1DwnNHt+M5CtDJ9um4dbYaqfBWkjWe3FuGB0GNPS8pbX2nVt76OfHA/QKmxTWvFd
POZnjpg2QhDujyXgoIY731zx5bAklKVoKFma/qfWfCyCSTUzhgu1KQm9swipMsQy
NYr9CjbnIlPn4EvrBIbGcIiaRNCLCIlcAuxE/GiH1zBUfeJxfJQmurejp6mBAtAS
FY08DmUebBz8mlUbB+LXMYKHZ4GK6TecPy0WJU2qRMQ//PKfOa+wkesp4M53SQdp
ItDp5akTzYUo4rXwk3HPCtemKaSNhyG+EYtZ1CAmPN5sEjU0/x0Dq7SU5o8KhogB
m/5HRJ3M9dMRcwD3OcsMl0kW1PPUt04itboS3SlFav90V9uc2YNGpPsCAwEAAQ==";
}
}
可能有人已经阅读了这篇文章并且能够帮助我...
我也试过注释掉validateAudience。这没有帮助
可能您的 cors 策略创建方式不正确。
使用:-
services.AddCors(options =>
options.AddPolicy("AllowAngularDevClient", builder => builder
.WithOrigins("http://localhost:4200")
.AllowAnyHeader()
.AllowAnyMethod())
);
而不是:-
services.AddCors(options =>
{
options.AddPolicy("AllowAngularDevClient",
builder =>
{
builder
.WithOrigins("http://localhost:4200")
.AllowAnyHeader()
.AllowAnyMethod();
});
});
或者你可以正常使用:-
services.AddCors();
然后你的配置服务:-
app.UseCors(x => x.AllowAnyHeader().AllowAnyMethod().WithOrigins("https://localhost:4200"));
希望它能解决您的问题。
我正在按照本教程使用 Angular 和 ASP.NET 进行 google 身份验证核心:
但我在 ASP.NET 核心端收到“连接被拒绝”错误。
这是我的 Angular 组件:
import { Component } from '@angular/core';
import { SocialAuthService } from 'angularx-social-login';
import { SocialUser } from 'angularx-social-login';
import { GoogleLoginProvider } from 'angularx-social-login';
import { HttpClient, HttpHeaders } from '@angular/common/http';
@Component({
selector: 'app-root',
templateUrl: './app.component.html',
styleUrls: ['./app.component.css']
})
export class AppComponent {
user: SocialUser | null;
hasApiAccess = false;
constructor(private authService: SocialAuthService, private http: HttpClient)
{
this.user = null;
this.authService.authState.subscribe((user: SocialUser) => {
console.log(user);
if (user) {
this.http.post<any>('http://localhost:5001/user/authenticate', { idToken: user.idToken }).subscribe((authToken: any) => {
console.log(authToken);
let reqHeader = new HttpHeaders({
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + authToken.authToken
});
this.http.get<any>('http://localhost:5002/secured', { headers: reqHeader }).subscribe((data: any) => {
this.hasApiAccess = true;
})
})
}
this.user = user;
});
}
signInWithGoogle(): void {
this.authService.signIn(GoogleLoginProvider.PROVIDER_ID).then((x: any) => console.log(x));
}
signOut(): void {
this.authService.signOut();
this.hasApiAccess = false;
}
}
控制器如下:
using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
namespace GoogleAuthRest.Controllers
{
[ApiController]
[Route("[controller]")]
public class SecuredController : Controller
{
[Authorize]
[HttpGet]
public string Test()
{
return "ok";
}
}
}
和 startup.cs:
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
using Microsoft.OpenApi.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Security.Cryptography;
using Microsoft.Extensions.Options;
namespace GoogleAuthRest
{
public class Startup
{
//configure barer token
public class ConfigureJwtBearerOptions : IConfigureNamedOptions<JwtBearerOptions>
{
public void Configure(string name, JwtBearerOptions options)
{
RSA rsa = RSA.Create();
rsa.ImportRSAPublicKey(Convert.FromBase64String(PUBLIC_KEY), out _);
options.IncludeErrorDetails = true;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new RsaSecurityKey(rsa),
ValidateIssuer = true,
ValidIssuer = "AuthService",
ValidateAudience = true,
ValidAudience = "GoogleAuthRest",
CryptoProviderFactory = new CryptoProviderFactory()
{
CacheSignatureProviders = false
}
};
}
public void Configure(JwtBearerOptions options)
{
throw new NotImplementedException();
}
}
//end
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
// configure Angular client
services.AddCors(options =>
{
options.AddPolicy("AllowAngularDevClient",
builder =>
{
builder
.WithOrigins("http://localhost:4200")
.AllowAnyHeader()
.AllowAnyMethod();
});
});
//end
// Add authentication tokens
services.AddAuthentication(options =>
{
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer();
//end
services.AddControllers();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "GoogleAuthRest", Version = "v1" });
});
// This is the tricky part to inject the configuration so the public key is used to validate the JWT
services.AddTransient<IConfigureOptions<JwtBearerOptions>, ConfigureJwtBearerOptions>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseSwagger();
app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "GoogleAuthRest v1"));
}
//app.UseHttpsRedirection();
app.UseRouting();
app.UseCors("AllowAngularDevClient");
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
private const string PUBLIC_KEY = @"MIICCgKCAgEAtCR2Pii+q9C76P2E9ydHYxnBPjJFGT7MvHuQPKpcS9RImfrkobt0
LPS/406eWm/tRBvnYD9nDpHJNKN3TjEenFQuDGR4RHcGK/e43SAhTAi7+s0tfAQd
6BK4gznIwvs5cWyilh1B7c9sCnxhJ/EYLIe1N2yiD8mhvfojIF4vMYxONIMTGYXy
87lnO9zRAdXAZ39YbtmFmQwK8gfXX5d/XVlKy0tc2y5bRY5iXn9kwqwvFlzL6O4v
pjhqA5kwsJV7efhL9nU0ACR4dG3zwFR3SAOOSETXjnfmjH2ocga+oa65ToypUz2L
1DwnNHt+M5CtDJ9um4dbYaqfBWkjWe3FuGB0GNPS8pbX2nVt76OfHA/QKmxTWvFd
POZnjpg2QhDujyXgoIY731zx5bAklKVoKFma/qfWfCyCSTUzhgu1KQm9swipMsQy
NYr9CjbnIlPn4EvrBIbGcIiaRNCLCIlcAuxE/GiH1zBUfeJxfJQmurejp6mBAtAS
FY08DmUebBz8mlUbB+LXMYKHZ4GK6TecPy0WJU2qRMQ//PKfOa+wkesp4M53SQdp
ItDp5akTzYUo4rXwk3HPCtemKaSNhyG+EYtZ1CAmPN5sEjU0/x0Dq7SU5o8KhogB
m/5HRJ3M9dMRcwD3OcsMl0kW1PPUt04itboS3SlFav90V9uc2YNGpPsCAwEAAQ==";
}
}
可能有人已经阅读了这篇文章并且能够帮助我...
我也试过注释掉validateAudience。这没有帮助
可能您的 cors 策略创建方式不正确。
使用:-
services.AddCors(options =>
options.AddPolicy("AllowAngularDevClient", builder => builder
.WithOrigins("http://localhost:4200")
.AllowAnyHeader()
.AllowAnyMethod())
);
而不是:-
services.AddCors(options =>
{
options.AddPolicy("AllowAngularDevClient",
builder =>
{
builder
.WithOrigins("http://localhost:4200")
.AllowAnyHeader()
.AllowAnyMethod();
});
});
或者你可以正常使用:-
services.AddCors();
然后你的配置服务:-
app.UseCors(x => x.AllowAnyHeader().AllowAnyMethod().WithOrigins("https://localhost:4200"));
希望它能解决您的问题。