我有一个ASP.NET Web API路由器,当我导航到正确的路由时,它似乎不会受到攻击。
这是我的Web API控制器:
[Route("api/[controller]")]
[ApiController]
public class AccountController : ControllerBase
{
#region Declarations
private readonly UserManager<ApplicationUser> _userManager;
private readonly RoleManager<IdentityRole> _roleManager;
private readonly ApplicationDbContext _context;
private readonly IHostingEnvironment _hostingEnvironment;
#endregion
public AccountController(
UserManager<ApplicationUser> userManager,
RoleManager<IdentityRole> roleManager,
ApplicationDbContext context,
IHostingEnvironment environment
)
{
_userManager = userManager;
_roleManager = roleManager;
_context = context;
_hostingEnvironment = environment;
}
[HttpGet]
public ActionResult<IEnumerable<string>> Get()
{
return new string[] { "Account", "Controller" };
}
[HttpPost]
public async Task<IActionResult> GetToken()
{
var client = new DiscoveryClient("http://localhost:15547");
client.Policy.RequireHttps = false;
var disco = await client.GetAsync();
if (disco.IsError)
{
return BadRequest(disco.Error);
}
TokenClient tokenClient = new TokenClient(disco.TokenEndpoint, "ro.angular", "secret");
TokenResponse tokenResponse = await tokenClient.RequestResourceOwnerPasswordAsync("ahmer", "Default@69", "api1 openid");
if (tokenResponse.IsError)
{
return BadRequest(tokenResponse.Error);
}
var result = await _userManager.FindByNameAsync("ahmer");
return BadRequest("Invalid username or password.");
}
}
然而,我得到
http://localhost:15547/api/account/
路线很好,但是当我试图提出一个发帖请求时
http://localhost:15547/api/account/GetToken
它没有被击中,它显示了来自邮递员的404条信息。我在代码中犯了什么错误。
输出1
输出2