【发布时间】:2020-09-04 09:31:03
【问题描述】:
我创建了一个 Blazor WebAssembly 项目,并希望为 WebAPI 提供一个公共可用功能。
[Route("api/[controller]")]
[ApiController]
[Authorize]
public class SystemEvalApiController : ControllerBase
{
public SystemEvalApiController(AppDbContext context, IMapper mapper)
{...}
[Route("LatestEvals")]
[AllowAnonymous]
public ActionResult LatestEvals()
那是我的 Api 控制器,我应该可以调用它:
SystemEvalPublicViewModel = await Http
.GetFromJsonAsync<SystemEvalPublicViewModel>(
HttpService.BuildUrl("api/SystemEvalApi/LatestEvals"));
当我没有登录任何帐户时。但是我得到了这个错误:
info: System.Net.Http.HttpClient.JPB.BorannRemapping.ServerAPI.LogicalHandler[100]
Start processing HTTP request GET https://localhost:44330/api/SystemEvalApi/LatestEvals
blazor.webassembly.js:1 info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed.
看起来“DefaultAuthorizationService”无法识别匿名属性,但我找不到直接失败的点。
如何声明无需登录即可从 HttpClient 访问的 WebAPI 函数。 Microsoft.AspNetCore.Components.WebAssembly.Server 3.2.0.-rc1.20223.4
编辑: 这是 ClientServices 的声明:
var builder = WebAssemblyHostBuilder.CreateDefault(args);
builder.RootComponents.Add<App>("app");
builder.Services.AddHttpClient("JPB.BorannRemapping.ServerAPI", client =>
{
client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress);
})
.AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();
// Supply HttpClient instances that include access tokens when making requests to the server project
builder.Services.AddTransient(sp => sp.GetRequiredService<IHttpClientFactory>().CreateClient("JPB.BorannRemapping.ServerAPI"));
builder.Services.AddTransient(e => new HttpService(e.GetService<HttpClient>()));
builder.Services.AddApiAuthorization();
builder.Services.AddBlazoredLocalStorage();
await builder.Build().RunAsync();
【问题讨论】:
-
你能把你注册服务的代码和你的注入方式贴出来吗? Blazor 应用程序不知道您如何保护您的 api,它无法猜测存在允许匿名用户的方法。这就像你不是为应用编写的服务。
-
我添加了 program.cs 内容。我通过正常的@inject 语法注入 HttpClient(或 HttpService,它只是一个包含常用方法的包装器)。
标签: c# asp.net-core blazor webassembly