I followed the tutorial but it's seems not working properly with JWT, but it was ok for basic authentication.
I downloaded and installed JwtAuthForWebAPI. I also generated JWT token and trying to do a API call but error is HTTP/1.1 401 Unauthorized.
Do I have to implement/modify anything to transfer claims from JWT to Thread.CurrentPrincipal & HttpContext.CurrentPrincipal?
My code is quite simple: global.asax.cs:
GlobalConfiguration.Configuration.MessageHandlers.Add(
new JwtAuthenticationMessageHandler
{
AllowedAudience = reader.AllowedAudience,
Issuer = reader.Issuer,
SigningToken = builder.CreateFromKey(reader.SymmetricKey)
});
Web.config:
<configSections>
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />
<section name="JwtAuthForWebAPI" type="JwtAuthForWebAPI.JwtAuthForWebApiConfigurationSection"/>
</configSections>
<JwtAuthForWebAPI
AllowedAudience="http://www.example.com"
Issuer="corp"
SymmetricKey="cXdlcnR5dWlvcGFzZGZnaGprbHp4Y3Zibm0xMjM0NTY="
/>
Call example
GET http://localhost:34669/api/v1/tasks/8 HTTP/1.1
Host: localhost:34669
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJjb3JwIiwiYXVkIjoiaHR0cDovL3d3dy5leGFtcGxlLmNvbSIsIm5iZiI6MTQwMDU1Mzc1NywiZXhwIjoxNzE2MTcyOTU3LCJ1bmlxdWVfbmFtZSI6ImJob2dnIiwiZ2l2ZW5fbmFtZSI6IkJvc3MiLCJmYW1pbHlfbmFtZSI6IkhvZ2ciLCJyb2xlIjpbIk1hbmFnZXIiLCJKdW5pb3JXb3JrZXIiXX0.Ls73kz80rCaCNqzc3K32BVO9_LnJDL8c1g5AXKIzn8w
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 别忘想泡老子 的文章《JWT token not accepted by Web APi2 authentication 》','https://www.manongdao.com/article-844696.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}