내가 테스트 한 세 가지 방법이 있습니다 (효과가 있지만 어느 것이 정확한지는 모르겠습니다).
OnTokenValidated = async (ctx) =>
{
if(user is disabled)
{
ctx.Response.Headers.Append(
HeaderNames.WWWAuthenticate,
ctx.Options.Challenge);
ctx.SkipToNextMiddleware();
}
}
둘째 JWT 미들웨어 후 Use
사용 방법 : 마지막
app.Use(async (context, next) =>
{
var auth = await context.Authentication.AuthenticateAsync("Bearer");
if (auth.Identity.IsAuthenticated && user is disabled)
{
context.Response.Headers.Append(
HeaderNames.WWWAuthenticate,
"Bearer");
}
await next();
});
SecurityTokenValidators
를 사용하고 :
public class CustomSecurityTokenValidator : JwtSecurityTokenHandler
{
public CustomSecurityTokenValidator()
{
}
public override ClaimsPrincipal ValidateToken(string securityToken,
TokenValidationParameters validationParameters, out SecurityToken validatedToken)
{
var principal = base.ValidateToken(securityToken, validationParameters, out validatedToken);
if(user is disabled)
{
throw new SecurityTokenNotYetValidException();
}
else
{
return principal;
}
}
}
..... in Startup.cs ...........
var options = new JwtBearerOptions()
{
//....
}
options.SecurityTokenValidators.Clear();
options.SecurityTokenValidators.Add(new CustomTokenValidator());
app.UseJwtBearerAuthentication(options);
우선 OnTokenValidated
이벤트를 사용