最近在学习webAPI及OWIN模式
按照相关实例创建了项目,也设定好了相应验证机制.
1.Startup页面做了标准的配置,包括owin的CorsOptions
using Microsoft.Owin;
using Microsoft.Owin.Cors;
using Microsoft.Owin.Security.OAuth;
using Owin;
using System;
using System.Web.Http;
[assembly: OwinStartup(typeof(ntWebAPI.Startup))]
namespace ntWebAPI
{
/// <summary>
/// Owin启动类
/// </summary>
public class Startup
{
/// <summary>
///
/// </summary>
/// <param name="app"></param>
public void Configuration(IAppBuilder app)
{
HttpConfiguration config = new HttpConfiguration();
this.ConfigureOAuth(app);
WebApiConfig.Register(config);
app.UseCors(CorsOptions.AllowAll);
app.UseWebApi(config);
}
/// <summary>
///
/// </summary>
/// <param name="app"></param>
public void ConfigureOAuth(IAppBuilder app)
{
var OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true, //允许客户端使用Http协议请求
TokenEndpointPath = new PathString("/token"), //请求地址
//AccessTokenExpireTimeSpan = TimeSpan.FromDays(1), //token过期时间
AccessTokenExpireTimeSpan = TimeSpan.FromHours(1),
Provider = new AuthorizationServerProvider(),//提供认证策略
};
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
}
- WebApiConfig.cs内标准设定,未做修改
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Http;
namespace ntWebAPI
{
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
// Web API 配置和服务
// Web API 路由
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
);
}
}
}
目前的问题是,前端浏览器页面使用ajax调用产生token的页面时,会提示"原因:CORS 头缺少 'Access-Control-Allow-Origin'"的错误.
使用postman测试无问题,但我知道postman并非浏览器调用模式.
所以想请教各路大神是否有解决方法.