问题描述
我只是在使用 Asp.Net Core Web API 并实现身份验证.我正在从 Angular 应用程序调用这个 API.但我总是收到如下错误.
I was just working with Asp.Net Core Web API, and implementing Authentication. And I am calling this API from an Angular Application. But I am always getting an error as below.
IDX10603:算法:HS256"要求 SecurityKey.KeySize 大于128"位.KeySize 报告:'32'.参数名称:key.KeySize
IDX10603: The algorithm: 'HS256' requires the SecurityKey.KeySize to be greater than '128' bits. KeySize reported: '32'. Parameter name: key.KeySize
以下是我在 Startup.cs 文件中的 ConfigureServices
代码.
Below is my code for ConfigureServices
in Startup.cs file.
public IServiceProvider ConfigureServices(IServiceCollection services)
{
services.AddDbContext<APIContext>(option => option.UseInMemoryDatabase("AngularApp"));
services.AddCors(options => options.AddPolicy("Cors", builder =>
{
builder.AllowAnyOrigin().
AllowAnyMethod().
AllowAnyHeader();
}
));
var signinKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("Secret phase"));
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(cfg =>
{
cfg.RequireHttpsMetadata = false;
cfg.SaveToken = true;
cfg.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
{
IssuerSigningKey = signinKey,
ValidateAudience = false,
ValidateIssuer = false,
ValidateLifetime = false,
ValidateIssuerSigningKey = true,
ValidateActor = false,
ClockSkew = TimeSpan.Zero
};
});
services.AddMvc();
var serviceProvider = services.BuildServiceProvider();
return serviceProvider;
}
我在我的控制器中使用 JwtPackage
,如下所示.
And I am using JwtPackage
in my controller as follows.
JwtPackage CreateJwtToken(User usr)
{
var signinKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("this is my custom Secret key for authnetication"));
var signInCredentials = new SigningCredentials(signinKey, SecurityAlgorithms.HmacSha256);
var claims = new Claim[] {
new Claim(JwtRegisteredClaimNames.Sub,usr.Id)
};
var jwt = new JwtSecurityToken(claims: claims, signingCredentials: signInCredentials);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
return new JwtPackage() { FirstName = usr.FirstName, Token = encodedJwt };
}
你能帮我解决这个问题吗?谢谢.
Can you please help me to fix this issue? Thank you.
推荐答案
啊,这是我的错误,一个简单的错误.我没有为密钥名称提供足够的字符.
Ah, it was my mistake, a simple one. I was not providing enough characters for the secret key name.
我把我的登录密钥改成了这个,
I changed my signinkey to this one,
var signinKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("this is my custom Secret key for authnetication"));
来自,
var signinKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("Secret phase"));
这解决了我的问题,因为 SigningCredentials(signinKey, SecurityAlgorithms.HmacSha256)
行中的 HmacSha256
应该大于 128 位.总之,只要用一个长字符串作为key就行了.
That solved my issue, as the HmacSha256
in the line SigningCredentials(signinKey, SecurityAlgorithms.HmacSha256)
should be greater than 128 bits. In short, just use a long string as the key.
这篇关于IDX10603:算法:“HS256"要求 SecurityKey.KeySize 大于“128"位.KeySize 报告:'32'.参数名称:key.KeySize的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!