Thanks for the replies! Here is the additional information requested:
* Token generation using `JwtSecurityTokenHandler`
* Validation in `Program.cs` using `AddAuthentication().AddJwtBearer()`
* Authorization attribute added to controller
* Key, issuer, audience and token lifetime set in `appsettings.json`
* Middleware setup: `app.UseAuthentication(); app.UseAuthorization();`
* Verified the token is correct (decoded properly)
* Copied it into the "Bearer Token" field in Postman Authorization tab
* Tried setting Authorization header manually with `Bearer `
* Confirmed the header is being sent via console log
* Tried using environment variable for the token in Postman
* Removed newline characters and ensured no hidden characters
```json
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6..."
}
```
```csharp
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidIssuer = builder.Configuration["Jwt:Issuer"],
            ValidAudience = builder.Configuration["Jwt:Audience"],
            IssuerSigningKey = new SymmetricSecurityKey(
                Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]))
        };
    });

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
```
```json
"Jwt": {
  "Key": "your_super_secure_very_long_key_1234569!",
  "Issuer": "CarDiagnostics",
  "Audience": "CarDiagnosticsUsers",
  "TokenValidityMinutes": 15
}
```
The 401 response does not include a WWW-Authenticate header, which is suspicious. Endpoints with `[Authorize]`. Any ideas what I might have missed?
More details here: https://stackoverflow.com/questions/795 ... re-web-api
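
An added example, not part of the original post: a console program that runs the post's `TokenValidationParameters` against a token outside the HTTP pipeline, so the exception type shows which check (signature, issuer, audience, lifetime) rejects it. It assumes the `System.IdentityModel.Tokens.Jwt` NuGet package; the `Issue` and `Check` helpers and the sample tokens are constructed for illustration.

```csharp
// Added example (not the poster's code). Needs the System.IdentityModel.Tokens.Jwt NuGet package.
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

// Values copied from the "Jwt" section of the post's appsettings.json.
const string Key = "your_super_secure_very_long_key_1234569!";
const string Issuer = "CarDiagnostics";
const string Audience = "CarDiagnosticsUsers";

var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Key));
var handler = new JwtSecurityTokenHandler();

// Same checks as the AddJwtBearer configuration in the post.
var parameters = new TokenValidationParameters
{
    ValidateIssuer = true,
    ValidateAudience = true,
    ValidateLifetime = true,
    ValidateIssuerSigningKey = true,
    ValidIssuer = Issuer,
    ValidAudience = Audience,
    IssuerSigningKey = signingKey
};

// Hypothetical helper: builds a constructed HS256 sample token.
string Issue(string iss, string aud, DateTime expires) =>
    handler.WriteToken(new JwtSecurityToken(iss, aud,
        new[] { new Claim(JwtRegisteredClaimNames.Sub, "demo-user") },
        notBefore: expires.AddMinutes(-15), expires: expires,
        signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)));

// Hypothetical helper: returns "valid" or the type and message of the failed check.
string Check(string token)
{
    try { handler.ValidateToken(token.Trim(), parameters, out _); return "valid"; }
    catch (Exception e) when (e is SecurityTokenException or ArgumentException)
    { return $"{e.GetType().Name}: {e.Message}"; }
}

var now = DateTime.UtcNow;
Console.WriteLine("matching token : " + Check(Issue(Issuer, Audience, now.AddMinutes(15))));
Console.WriteLine("wrong issuer   : " + Check(Issue("OtherIssuer", Audience, now.AddMinutes(15))));
Console.WriteLine("wrong audience : " + Check(Issue(Issuer, "OtherAudience", now.AddMinutes(15))));
Console.WriteLine("expired        : " + Check(Issue(Issuer, Audience, now.AddMinutes(-30))));
// Pass a token issued by the API as the first argument to test it against the same checks.
if (args.Length > 0) Console.WriteLine("supplied token : " + Check(args[0]));
```

If a token issued by the API comes back as `valid` here, the token and the key, issuer and audience settings agree, and the cause of the 401 lies elsewhere in the request pipeline.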