{"id":3509,"date":"2018-07-29T23:03:18","date_gmt":"2018-07-29T15:03:18","guid":{"rendered":"http:\/\/leybreeze.com\/blog\/?p=3509"},"modified":"2019-10-15T21:49:39","modified_gmt":"2019-10-15T13:49:39","slug":"angular%e3%80%81-net-web-api-%e9%aa%8c%e8%af%81%ef%bc%88authentication%ef%bc%89%e4%b8%8e%e8%b7%a8%e6%9d%a5%e6%ba%90%e8%b5%84%e6%ba%90%e5%85%b1%e4%ba%ab%ef%bc%88cors%ef%bc%89","status":"publish","type":"post","link":"http:\/\/leybreeze.com\/blog\/?p=3509","title":{"rendered":"Angular\u3001.NET Web Api \u9a8c\u8bc1\uff08Authentication\uff09\u4e0e\u8de8\u6765\u6e90\u8d44\u6e90\u5171\u4eab\uff08Cors\uff09"},"content":{"rendered":"<p>\u9a8c\u8bc1\u662f\u4efb\u4f55 Web \u670d\u52a1\u90fd\u5fc5\u987b\u8003\u8651\u7684\u57fa\u7840\u95ee\u9898\u3002\u5173\u4e8e .NET \u5e73\u53f0\u7684\u9a8c\u8bc1\u4e0e\u6388\u6743\uff0c\u6309\u7406\u8bf4\u5fae\u8f6f\u5df2\u7ecf\u63d0\u4f9b\u4e86\u76f8\u5f53\u5145\u5206\u7684\u6587\u6863\u4e0e\u793a\u4f8b\u4ee3\u7801\u3002<\/p>\n<ul>\n<li>ASP.NET Web API \u7684<a href=\"https:\/\/docs.microsoft.com\/en-us\/aspnet\/web-api\/overview\/security\/authentication-and-authorization-in-aspnet-web-api\">\u9a8c\u8bc1\u4e0e\u6388\u6743<\/a>\uff1a\u4e86\u89e3\u9a8c\u8bc1\u4e0e\u6388\u6743\u7684\u57fa\u672c\u6982\u5ff5<\/li>\n<li><a href=\"http:\/\/johnatten.com\/2014\/04\/20\/asp-net-mvc-and-identity-2-0-understanding-the-basics\/\">ASP.NET Identity 2.0<\/a>\uff1a\u4e86\u89e3 ASP.NET \u76ee\u524d\u7528\u4e8e\u5b9e\u73b0\u9a8c\u8bc1\u6388\u6743\u7684 Identity \u6846\u67b6<\/li>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/aspnet\/web-api\/overview\/security\/individual-accounts-in-web-api\">ASP.NET Web API \u7684\u672c\u5730\u8d26\u6237\u9a8c\u8bc1<\/a>\uff1a\u4e86\u89e3\u5982\u4f55\u5229\u7528 .NET \u63d0\u4f9b\u7684\u6846\u67b6\u5b9e\u73b0\u7528\u6237\u6ce8\u518c\u4e0e\u767b\u9646\uff0c\u5e76\u901a\u8fc7\u83b7\u5f97\u7684 bearer \u53e3\u4ee4\uff08Token\uff09\u83b7\u53d6\u8d44\u6e90<\/li>\n<\/ul>\n<p>.NET Identity \u6846\u67b6\u63d0\u4f9b\u4e86\u73b0\u6210\u7684\u6570\u636e\u5e93\u7ed3\u6784\u4ee5\u53ca\u4e00\u7cfb\u5217\u63a5\u53e3\uff0c\u53ef\u4ee5\u5b9e\u73b0\u7528\u6237\u6ce8\u518c\u3001\u767b\u5f55\u767b\u51fa\u3001\u53e3\u4ee4\u751f\u6210\u3001\u90ae\u7bb1\u7684\u786e\u8ba4\u3001\u5bc6\u7801\u91cd\u7f6e\u7b49\u57fa\u672c\u529f\u80fd\uff0c\u4e5f\u53ef\u4ee5\u4e0e\u793e\u4ea4\u5a92\u4f53\u8d26\u6237\u96c6\u6210\u5b9e\u73b0\u7528\u6237\u6ce8\u518c\u4e0e\u767b\u9646\u3002<\/p>\n<p>\u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c.NET MVC \u4e0e .NET Core \u6240\u4f7f\u7528\u7684\u63a5\u53e3\u4ee3\u7801\u548c .NET Web Api \u6709\u6240\u4e0d\u540c\uff0c\u5982\u679c\u6df7\u5408\u9605\u8bfb\u6587\u6863\u4e0e\u4ee3\u7801\uff0c\u53ef\u80fd\u4f1a\u9020\u6210\u6df7\u6dc6\u4e0e\u7406\u89e3\u4e0a\u7684\u56f0\u6270\u3002\u4e0d\u540c\u7248\u672c\u7684\u6587\u6863\u5bf9\u90ae\u7bb1\u9a8c\u8bc1\u7b49\u529f\u80fd\u7684\u5904\u7406\u903b\u8f91\u4e5f\u6709\u5dee\u522b\uff0c\u4e0d\u53ef\u7b80\u5355\u5408\u5e76\u4f7f\u7528\u3002<\/p>\n<p>\u540e\u7aef\u82e5\u90e8\u7f72\u81f3 Azure \u7b49\u4e91\u5e73\u53f0\uff0c\u53e3\u4ee4\u7684\u751f\u6210\u4e5f\u53ef\u80fd\u4f1a\u9047\u5230\u5728\u672c\u5730\u4e0d\u4f1a\u53d1\u751f\u7684\u95ee\u9898\uff0c\u62a5\u9519\u201c The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread&#8217;s user context, which may be the case when the thread is impersonating.\u201d\u3002\u4f8b\u5982\uff0c.NET MVC \u7248\u793a\u4f8b\u4ee3\u7801\u5728\u7528\u6237\u767b\u5f55\u5e76\u9a8c\u8bc1\u90ae\u7bb1\u540e\u751f\u6210\u53e3\u4ee4\u65f6\u4f1a\u8bd5\u56fe\u8c03\u7528 \/Token \u63a5\u53e3\uff0c\u89e6\u53d1\u9519\u8bef\u3002\u7f51\u4e0a\u9488\u5bf9\u6b64\u95ee\u9898\u6709\u4e00\u4e9b\u89e3\u51b3\u65b9\u6848\uff0c\u5374\u90fd\u4e0d\u592a\u6709\u6548\u3002\u4e8b\u5b9e\u4e0a\uff0c\u53ef\u6682\u65f6\u5ffd\u7565\u5bf9\u90ae\u7bb1\u662f\u5426\u5f97\u5230\u9a8c\u8bc1\u7684\u68c0\u67e5\uff0c\u76f4\u63a5\u524d\u53f0\u8c03\u7528 \/Token \u63a5\u53e3\uff0c\u5c31\u80fd\u907f\u514d\u8be5\u9519\u8bef\u3002\u5bf9\u90ae\u7bb1\u7684\u786e\u8ba4\u53ef\u4ee5\u5728\u4e4b\u540e\u5b9e\u9645\u6267\u884c\u5904\u7406\u65f6\u6309\u9700\u8fdb\u884c\u3002<\/p>\n<p>\u5fae\u8f6f\u5b98\u65b9\u7684\u793a\u4f8b\u4ee3\u7801\u90fd\u6ca1\u6709\u6d89\u53ca Cors\uff08cross origin resource sharing\uff09 \u95ee\u9898\uff0c\u5373\u4f7f\u662f Angular \u9879\u76ee\u6a21\u677f\uff0c\u7531\u4e8e\u524d\u7aef\u9ed8\u8ba4\u4e0e\u540e\u7aef\u5171\u5b58\u4e8e\u540c\u4e00\u4e2a\u89e3\u51b3\u65b9\u6848\uff0c\u4e5f\u4e0d\u5b58\u5728\u8fd9\u4e00\u95ee\u9898\u3002\u7136\u800c\uff0c\u5982\u679c\u524d\u540e\u7aef\u5206\u79bb\uff0c\u524d\u7aef Angular \u7a0b\u5e8f\u7684\u57df\u540d\u5f88\u53ef\u80fd\u4e0e\u540e\u7aef\u4e0d\u540c\u3002<\/p>\n<p>\u5fae\u8f6f\u9488\u5bf9 .NET Web Api \u7684 Cors \u6709\u4e00\u4e9b\u6587\u6863\uff0c\u4f46\u5f88\u9057\u61be\uff0c\u5982\u679c\u6709\u63a5\u53e3\u901a\u8fc7 bearer token \u8fdb\u884c\u9a8c\u8bc1\u4e0e\u6388\u6743\uff0c\u90a3\u4e9b\u6587\u6863\u4e2d\u7684\u89e3\u51b3\u65b9\u6848\u5f88\u53ef\u80fd\u4f1a\u5f15\u53d1\u65b0\u7684\u95ee\u9898\u3002<\/p>\n<ul>\n<li>.NET Web Api \u4e2d\u5bf9 <a href=\"https:\/\/docs.microsoft.com\/en-us\/aspnet\/web-api\/overview\/security\/enabling-cross-origin-requests-in-web-api\">\u5141\u8bb8\u8de8\u6e90\u8bbf\u95ee<\/a>\uff1a\u4ecb\u7ecd\u591a\u79cd\u5141\u8bb8 Cross origin request \u7684\u65b9\u5f0f<\/li>\n<\/ul>\n<p>\u7531\u4e8e Chrome \u7b49\u4e00\u4e9b\u6d4f\u89c8\u5668\u5728\u4e00\u5b9a\u6761\u4ef6\u4e0b\u51fa\u4e8e\u5b89\u5168\u539f\u56e0\u4e3a\u9996\u5148\u53d1\u9001 OPTIONS method \u7684 HTTP \u8bf7\u6c42\uff08\u5982 headers \u4e2d\u6307\u5b9a &#8220;Content-Type&#8221;: &#8220;application\/x-www-form-urlencoded&#8221; \u65f6\uff09\uff0c\u60c5\u51b5\u53d8\u5f97\u66f4\u52a0\u590d\u6742\u3002<\/p>\n<p>\u5982\u679c OPTIONS method \u6ca1\u6709\u88ab\u5141\u8bb8\uff0c\u5219\u4f1a\u9047\u5230 405 \u9519\u8bef\u4ee3\u7801\u3002\u4e0d\u5f53\u7684\u8bbe\u7f6e\u53ef\u80fd\u4f1a\u5728\u5141\u8bb8\u8de8\u6e90\u8bbf\u95ee\u8d44\u6e90\u65f6\u5374\u963b\u788d\u4e86\u7528\u6237\u767b\u5f55\u7b49\u9a8c\u8bc1 API\u3002\u53c8\u6216\u662f\u65e0\u610f\u4e2d\u91cd\u590d\u5141\u8bb8 Cors origin \u8bbe\u7f6e\uff0c\u4f1a\u63d0\u793a The &#8216;Access-Control-Allow-Origin&#8217; header contains multiple values \u9519\u8bef\u800c\u65e0\u6cd5\u83b7\u5f97\u8d44\u6e90\u3002<\/p>\n<p>\u7f51\u7edc\u4e0a\u7b80\u5355\u660e\u4e86\u4e14\u5b9e\u9645\u6709\u6548\u7684\u89e3\u51b3\u65b9\u6848\u5e76\u4e0d\u597d\u627e\uff0c\u7ecf\u8fc7\u53cd\u590d\u5c1d\u8bd5\u4e0e\u5206\u6790\uff0c\u8981\u907f\u514d\u6240\u6709\u8fd9\u7c7b\u95ee\u9898\uff0c\u91c7\u7528\u5168\u5c40\u8bbe\u7f6e\u6050\u6015\u662f\u6700\u7b80\u5355\u7684\u65b9\u6cd5\u4e4b\u4e00\u3002<\/p>\n<ul>\n<li>\u4e0d\u8981\u50cf\u4e0b\u9762\u8fd9\u6837\u901a\u8fc7 Web.config \u6765\u8bbe\u7f6e Cors<\/li>\n<\/ul>\n<pre class=\"lang:default decode:true\">  &lt;httpProtocol&gt;\n    &lt;customHeaders&gt;\n      &lt;add name=\"Access-Control-Allow-Origin\" value=\"*\" \/&gt;\n      &lt;add name=\"Access-Control-Allow-Headers\" value=\"Content-Type\" \/&gt;\n      &lt;add name=\"Access-Control-Allow-Methods\" value=\"GET, POST, PUT, DELETE, OPTIONS\" \/&gt;\n    &lt;\/customHeaders&gt;\n  &lt;\/httpProtocol&gt;<\/pre>\n<ul>\n<li>\u4e0d\u8981\u50cf\u4e0b\u9762\u8fd9\u6837\u901a\u8fc7 ApiController \u5c5e\u6027\u6765\u8bbe\u7f6e Cors<\/li>\n<\/ul>\n<pre class=\"lang:default decode:true\">[EnableCors(origins: \"https:\/\/127.0.0.1\", headers: \"*\", methods: \"*\")]<\/pre>\n<ul>\n<li>\u4e0d\u8981\u5728 WebApiConfig \u7b49\u7c7b\u4e2d\u901a\u8fc7\u8bf8\u5982 config.EnableCors(); \u7b49\u4ee3\u7801\u65b9\u5f0f\u8bbe\u7f6e Cors<\/li>\n<li>\u5b89\u88c5\u00a0Microsoft.Owin.Cors \u7684 NuGet \u5305<\/li>\n<li>\u5728 startup.cs \u7684 ConfigureAuth \u65b9\u6cd5\u5f00\u59cb\u65f6\u8c03\u7528\u8bed\u53e5 app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);<\/li>\n<li>Angular \u524d\u7aef\u53d1\u9001\u8bf7\u6c42\u65f6\uff0c headers \u4e2d\u53ea\u9700\u6307\u5b9a &#8220;Content-Type&#8221;: &#8220;application\/x-www-form-urlencoded&#8221; \u4e00\u9879\u5373\u53ef<\/li>\n<li>\u5982\u679c\u4f7f\u7528 RestAngular \u83b7\u53d6\u8d44\u6e90\uff0c\u53ea\u9700\u6309\u5982\u4e0b\u65b9\u5f0f\u8bbe\u7f6e Content-Type \u4e0e Authorization \u5373\u53ef<\/li>\n<\/ul>\n<pre class=\"lang:js decode:true\">RestangularProvider.setDefaultHeaders({\n    'Content-Type': 'application\/json; charset=UTF-8',\n    'Authorization': 'Bearer ' + {concat the access token here};<\/pre>\n<p>\u81f3\u6b64\uff0c\u8fd0\u884c\u4e8e Azure App Service \u7684\u540e\u7aef .NET Web Api \u5c06\u53ef\u4ee5\u4e0e\u975e\u540c\u6e90\u7684 Angular \u7a0b\u5e8f\u4ea4\u4e92\uff0c\u5b9e\u73b0\u672c\u5730\u7528\u6237\u8d26\u53f7\u7684\u6ce8\u518c\u767b\u9646\u7b49\u64cd\u4f5c\uff0c\u53ef\u4ee5\u901a\u8fc7 <a href=\"https:\/\/swagger.io\/docs\/specification\/authentication\/bearer-authentication\/\">bearer token<\/a> \u5b9e\u73b0\u8d44\u6e90\u8bf7\u6c42\u8fc7\u7a0b\u4e2d\u7684\u9a8c\u8bc1\u4e0e\u6388\u6743\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u9a8c\u8bc1\u662f\u4efb\u4f55 Web \u670d\u52a1\u90fd\u5fc5\u987b\u8003\u8651\u7684\u57fa\u7840\u95ee\u9898\u3002\u5173\u4e8e .NET \u5e73\u53f0\u7684\u9a8c\u8bc1\u4e0e\u6388\u6743\uff0c\u6309\u7406\u8bf4\u5fae\u8f6f\u5df2\u7ecf\u63d0\u4f9b\u4e86\u76f8\u5f53\u5145\u5206\u7684 &hellip; <a href=\"http:\/\/leybreeze.com\/blog\/?p=3509\" class=\"more-link\">\u7ee7\u7eed\u9605\u8bfb<span class=\"screen-reader-text\">\u201cAngular\u3001.NET Web Api \u9a8c\u8bc1\uff08Authentication\uff09\u4e0e\u8de8\u6765\u6e90\u8d44\u6e90\u5171\u4eab\uff08Cors\uff09\u201d<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[138],"tags":[139,159,146],"_links":{"self":[{"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3509"}],"collection":[{"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3509"}],"version-history":[{"count":2,"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3509\/revisions"}],"predecessor-version":[{"id":3699,"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3509\/revisions\/3699"}],"wp:attachment":[{"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3509"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3509"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/leybreeze.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3509"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}