WebApi に IdentityServer3 のトークン認可を実装しようとして問題が発生しています。ソリューションには、.NET Core の Angular 4 クライアントサイドプロジェクトと、別の .NET Framework 4.5.2 の WebApi プロジェクトがあります。WebApi はトークン認可を追加する前にテスト済みで、動作していました。IdentityServer3 のログインと認証も機能しています。クライアントでは angular-auth-oidc-client ノードモジュールを使用しています。リクエストヘッダーに Content-Type、Accept、Authorization が指定どおり設定されていることは確認済みです。以下に主要なファイルのコードを示します。
IdentityServer3 + Angular4 + WebApi で 401 Unauthorized が発生
user-list.component.ts
import { Component, OnInit } from '@angular/core';
import { Http, Headers, Response } from '@angular/http';
import { Subject } from 'rxjs/Rx';
import { OidcSecurityService } from 'angular-auth-oidc-client';
import 'rxjs/add/operator/map';
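/**
 * Shape of one user record held in the list.
 *
 * Declared as an interface rather than a class: nothing in this file
 * constructs a `User`, the objects are taken as-is from the parsed JSON
 * response, and a class with uninitialised fields does not compile under
 * `strictPropertyInitialization`.
 */
interface User {
  userId: number;
  firstName: string;
  middleName: string;
  lastName: string;
  email: string;
}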
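/**
 * Shows the users returned by the protected `/api/home` endpoint in a DataTable.
 *
 * The access token held by `OidcSecurityService` is sent as a bearer token on
 * the request. Failures are logged instead of being dropped, so a 401 from the
 * API shows up in the console.
 */
@Component({
  selector: 'user-list',
  templateUrl: './user-list.html',
  styleUrls: ['./user-list.css']
})
export class UserListComponent implements OnInit {
  dtOptions: DataTables.Settings = {};
  users: User[] = [];
  dtTrigger: Subject<User> = new Subject();

  constructor(private http: Http, private securityService: OidcSecurityService) { }

  /** Sets the table options, then loads the user list with the current access token. */
  ngOnInit(): void {
    this.dtOptions = {
      searching: true,
      pagingType: 'full_numbers',
      pageLength: 5,
      info: false,
      lengthChange: false
    };

    const token = this.securityService.getToken();
    if (!token) {
      // Without a token the header would be an empty "Bearer " value, which the
      // API can only reject. Presumably this happens when the component
      // initialises before the login result has been processed. Confirm.
      console.warn('user-list: no access token available, skipping GET /api/home');
      return;
    }

    const headers = new Headers();
    headers.append('Content-Type', 'application/json');
    headers.append('Accept', 'application/json');
    headers.append('Authorization', 'Bearer ' + token);

    //this.dtOptions = this.http.get('api/settings/datatables')
    // .toPromise()
    // .then(response => response.json());

    this.http.get('/api/home', { headers })
      .map((response: Response) => response.json())
      .subscribe(
        users => {
          this.users = users;
          // Tell the DataTable that the rows are ready to render.
          this.dtTrigger.next();
        },
        error => {
          // Surface the failure (for example a 401) instead of dropping it.
          // Only the status is logged, never the token.
          console.error('user-list: GET /api/home failed, status:', error && error.status);
        });
  }
}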
app.module.ts
import { BrowserModule } from '@angular/platform-browser';
import { NgModule } from '@angular/core';
import { HttpModule } from '@angular/http';
import { AppRoutingModule } from './app.routes';
import { DataTablesModule } from 'angular-datatables';
import { AppComponent } from './app.component';
import { UserListComponent } from './user-list/user-list.component';
import { PostalCodeComponent } from './postal-code/postal-code.component';
import { AuthModule, OidcSecurityService, OpenIDImplicitFlowConfiguration } from 'angular-auth-oidc-client';
/**
 * Root module. Registers the application components, routing, HTTP,
 * DataTables and the OIDC client module, and hands the implicit-flow
 * settings to `OidcSecurityService` when the module is constructed.
 */
@NgModule({
  declarations: [AppComponent, UserListComponent, PostalCodeComponent],
  imports: [BrowserModule, AppRoutingModule, HttpModule, DataTablesModule, AuthModule.forRoot()],
  providers: [OidcSecurityService],
  bootstrap: [AppComponent]
})
export class AppModule {
  constructor(public oidcSecurityService: OidcSecurityService) {
    const oidcConfig = new OpenIDImplicitFlowConfiguration();

    // Token service and the URL it redirects back to after login.
    // The redirect targets are plain-http localhost values.
    oidcConfig.stsServer = 'https://identitydev.company.com/oidc/core';
    oidcConfig.redirect_url = 'http://localhost:4200';

    // Client registration: asks for an ID token and an access token, and for
    // the `app_client_api` scope that the API's RequiredScopes line names.
    oidcConfig.client_id = '802523112846585';
    oidcConfig.response_type = 'id_token token';
    oidcConfig.scope = 'openid app_profile app_client_api';

    oidcConfig.post_logout_redirect_uri = 'http://localhost:4200';
    oidcConfig.startup_route = '/';
    //oidcConfig.forbidden_route = '/Forbidden';
    //oidcConfig.unauthorized_route = '/Unauthorized';

    // NOTE(review): console warning and debug output are both enabled. The
    // library's debug output may include token data. Confirm, and switch it
    // off outside development.
    oidcConfig.log_console_warning_active = true;
    oidcConfig.log_console_debug_active = true;

    //oidcConfig.max_id_token_iat_offset_allowed_in_seconds = 10;
    //oidcConfig.override_well_known_configuration = true;
    //oidcConfig.override_well_known_configuration_url = 'https://localhost:44386/wellknownconfiguration.json';

    // The localStorage override below is left disabled by the author.
    // this.oidcSecurityService.setStorage(localStorage);
    this.oidcSecurityService.setupModule(oidcConfig);
  }
}
Startup.cs
using Microsoft.Owin;
using Owin;
using System.Web.Http;
using IdentityServer3.AccessTokenValidation;
using System.Net.Http.Headers;
using Microsoft.Owin.Security.OAuth;
[assembly: OwinStartup(typeof(App.API.Test.Startup))]
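namespace App.API.Test
{
    /// <summary>
    /// OWIN startup class: puts IdentityServer bearer-token validation in front
    /// of the Web API pipeline.
    /// </summary>
    public class Startup
    {
        /// <summary>
        /// Registers token validation, then Web API with attribute routing.
        /// </summary>
        /// <param name="app">The OWIN application builder for this host.</param>
        public void Configuration(IAppBuilder app)
        {
            // Registered before UseWebApi so the bearer token is evaluated
            // before a request reaches a controller.
            app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
            {
                Authority = "https://identitydev.company.com/oidc/core",
                // Accept only tokens issued for this API's scope. With this line
                // commented out, a valid token from the authority would be
                // accepted whatever scope it was issued for. The Angular client
                // requests "app_client_api", so its tokens satisfy the check.
                RequiredScopes = new[] { "app_client_api" },
                // Tokens are validated by asking the authority rather than
                // locally. NOTE(review): confirm the authority exposes its
                // access-token validation endpoint.
                ValidationMode = ValidationMode.ValidationEndpoint
            });

            // configure web api
            var config = new HttpConfiguration();
            config.MapHttpAttributeRoutes();

            // NOTE(review): this lets the JSON formatter answer requests that
            // ask for text/html. A browser treats such a response as HTML, so
            // string fields containing markup could be interpreted as markup.
            // Confirm it is needed beyond viewing JSON in a browser.
            config.Formatters.JsonFormatter.SupportedMediaTypes.Add(new MediaTypeHeaderValue("text/html"));

            app.UseWebApi(config);
        }
    }
}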
HomeController.cs
using System.Collections.Generic;
using System.Security.Claims;
using System.Web.Http;
using TRAX.Models;
namespace App.API.Test.Controllers
{
    /// <summary>
    /// Serves the user list at <c>api/home</c>.
    /// </summary>
    /// <remarks>
    /// <c>[Authorize]</c> is applied with no roles or users, so the only
    /// requirement is an authenticated caller. Any scope restriction has to
    /// come from the bearer-token middleware configured at startup.
    /// </remarks>
    [Authorize]
    [Route("api/home")]
    public class HomeController : ApiController
    {
        /// <summary>
        /// Handles GET requests by returning the value of <c>UserList.GetAll</c>.
        /// </summary>
        /// <returns>The users exposed by a freshly created <c>UserList</c>.</returns>
        [HttpGet]
        public IEnumerable<User> Get()
        {
            var source = new UserList();
            return source.GetAll;
        }

        // Disabled by the author: lookup by first name.
        //// GET api/home/{firstname}
        //[HttpGet("{FirstName}")]
        //public List<User> GetByFirstName(string FirstName)
        //{
        // UserList list = new UserList();
        // return list.GetUserByFirstName(FirstName);
        //}
    }
}
**注意: このコントローラーにはデータを返すためのモデルがありますが、そのモデルが正しいリストを返していることは信頼していただいて構いません。