
Unable to validate JWT token .NET Core 6


I am trying to validate a JWT token, but I am still getting a 401 error.

This is my code:

Program.cs:

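builder.Services.AddSwaggerGen(c =>
{
    c.SwaggerDoc("v1", new OpenApiInfo { Title = "JWTToken_Auth_Api", Version = "v1" });

    // Describe the Authorization header so Swagger UI can send a bearer token with each request.
    // NOTE: the original used a verbatim (@"...") string, in which "\r\n" is NOT an escape sequence,
    // so the description rendered the literal characters '\', 'r', '\', 'n'. A regular string
    // literal gives real line breaks.
    c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
    {
        Description = "JWT Authorization header using the Bearer scheme.\r\n\r\n"
                    + "Enter 'Bearer' [space] and then your token in the text input below.\r\n\r\n"
                    + "Example: 'Bearer 12345abcdef'",
        Name = "Authorization",
        In = ParameterLocation.Header,
        // With ApiKey the value is sent verbatim, so the user must type the "Bearer " prefix
        // themselves (as the description says); SecuritySchemeType.Http + Scheme = "bearer"
        // would let Swagger UI add the prefix automatically.
        Type = SecuritySchemeType.ApiKey,
        BearerFormat = "JWT",
        Scheme = "bearer"
    });

    // Apply the "Bearer" scheme to every operation. The empty scope list is correct here:
    // scopes only apply to OAuth2 / OpenID Connect schemes.
    c.AddSecurityRequirement(new OpenApiSecurityRequirement
    {
        {
            new OpenApiSecurityScheme
            {
                Reference = new OpenApiReference
                {
                    Type = ReferenceType.SecurityScheme,
                    Id = "Bearer"
                }
            },
            Array.Empty<string>()
        }
    });
});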

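builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
{
    // Fail fast at startup with a clear message when a required setting is missing. Otherwise a
    // missing Jwt:Key throws from GetBytes(null), and a missing Jwt:Issuer / Jwt:Audience makes
    // every token fail issuer/audience validation with an opaque 401 at request time.
    string Required(string key) => builder.Configuration[key]
        ?? throw new InvalidOperationException($"Configuration value '{key}' is missing.");

    // Acceptable for local development only; production metadata endpoints should be HTTPS-only.
    options.RequireHttpsMetadata = false;
    options.SaveToken = true;
    // Surfaces the validation failure reason in the WWW-Authenticate header. Helpful while
    // debugging a 401; consider disabling in production so failure details are not exposed.
    options.IncludeErrorDetails = true;
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateLifetime = true,
        // Was false in the original. Enable it so the key that signed the token is validated as
        // well; there is no reason to leave this hardening step off.
        ValidateIssuerSigningKey = true,
        ValidAudience = Required("Jwt:Audience"),
        ValidIssuer = Required("Jwt:Issuer"),
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Required("Jwt:Key")))
    };
});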

Inside my controller, I created a function to get the token value:

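/// <summary>
/// Builds a signed HS256 JWT for <paramref name="loginUser"/> containing the configured subject,
/// a unique token id, an issued-at timestamp and the user's id, name and e-mail.
/// </summary>
/// <param name="loginUser">The authenticated user whose details become claims.</param>
/// <returns>The compact-serialized JWT.</returns>
/// <exception cref="ArgumentNullException"><paramref name="loginUser"/> is null.</exception>
/// <exception cref="InvalidOperationException">A required Jwt:* configuration value is missing.</exception>
[NonAction]
public string GetToken(LoginUser loginUser)
{
    ArgumentNullException.ThrowIfNull(loginUser);

    // Missing settings fail with a clear message instead of an ArgumentNullException from
    // GetBytes(null) or from the Claim constructor.
    string Required(string key) => _configuration[key]
        ?? throw new InvalidOperationException($"Configuration value '{key}' is missing.");

    var issuedAt = DateTimeOffset.UtcNow;
    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.Sub, Required("Jwt:Subject")),
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        // RFC 7519 defines "iat" as a NumericDate (seconds since the Unix epoch). The original
        // wrote DateTime.UtcNow.ToString(), which is culture-dependent text that consumers of
        // "iat" cannot parse as a date.
        new Claim(JwtRegisteredClaimNames.Iat,
                  issuedAt.ToUnixTimeSeconds().ToString(),
                  ClaimValueTypes.Integer64),
        new Claim("UserId", loginUser.UserLogin),
        new Claim("Name", loginUser.FirstName + " " + loginUser.LastName),
        new Claim("Email", loginUser.Email)
    };

    // HS256 rejects short keys at signing time, so Jwt:Key must be long enough for the library's
    // minimum symmetric key size.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Required("Jwt:Key")));
    var signingCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    var jwt = new JwtSecurityToken(
        issuer: Required("Jwt:Issuer"),
        audience: Required("Jwt:Audience"),
        claims: claims,
        expires: issuedAt.UtcDateTime.AddMinutes(10),
        signingCredentials: signingCredentials);

    return new JwtSecurityTokenHandler().WriteToken(jwt);
}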

After logging in and getting the token value, when I am trying to access the other API service, I am getting this error:

enter image description here

Please tell me - what am I doing wrong?


Solution

  • Try using the SecurityTokenDescriptor class to create the security token

    It contains the information used to create a security token.

    Try a small modification to your code, like this:

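     var claims = new[]
     {
         new Claim(JwtRegisteredClaimNames.Sub, _configuration["Jwt:Subject"]),
         new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
         // RFC 7519 "iat" is a NumericDate (Unix seconds), not a culture-dependent DateTime.ToString().
         new Claim(JwtRegisteredClaimNames.Iat,
                   DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(),
                   ClaimValueTypes.Integer64),
         new Claim("UserId", loginUser.UserLogin),
         new Claim("Name", loginUser.FirstName + " " + loginUser.LastName),
         new Claim("Email", loginUser.Email)
     };

     // Fail with a clear message when the secret is missing instead of GetBytes(null) throwing.
     var secret = _configuration["Jwt:Key"]
         ?? throw new InvalidOperationException("Configuration value 'Jwt:Key' is missing.");
     var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
     var signIn = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

     // Same issuer, audience, expiry and signing key as the JwtSecurityToken version; the claims
     // are carried through a ClaimsIdentity. (The original listing had a stray double comma after
     // Issuer, which does not compile.)
     var tokenDescriptor = new SecurityTokenDescriptor
     {
         Issuer = _configuration["Jwt:Issuer"],
         Audience = _configuration["Jwt:Audience"],
         Subject = new ClaimsIdentity(claims),
         Expires = DateTime.UtcNow.AddMinutes(10),
         SigningCredentials = signIn
     };

     // One handler instance is enough for both creating and serializing the token.
     var tokenHandler = new JwtSecurityTokenHandler();
     var tokenObject = tokenHandler.CreateToken(tokenDescriptor);
     string token = tokenHandler.WriteToken(tokenObject);
     return token;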
    

    result: enter image description here