
Bearer not working? #49

@Gillardo

I have set up my code as stated in the readme file, but when I call my resourceController I get an error saying Authorization failed for the request filter.

The only changes I have made to use Bearer are these:

    app.UseOpenIddict(options =>
    {
        // Need this line to use Bearer Authorization in requests
        options.Options.AuthenticationScheme = OAuthValidationDefaults.AuthenticationScheme;

        // development
        options.Options.AllowInsecureHttp = true;
    });

My resourceController looks like so:

    public class ResourceController : Controller {
        [Authorize(ActiveAuthenticationSchemes = OAuthValidationDefaults.AuthenticationScheme)]
        [HttpGet("message")]
        public IActionResult GetMessage() {
            var identity = User.Identity as ClaimsIdentity;
            if (identity == null) {
                return HttpBadRequest();
            }

            return Content($"{identity.Name} has been successfully authenticated.");
        }
    }

To call this, I call http://localhost:5000/connect/token with a valid username and password, and then, using the accessToken string returned, I call http://localhost/resource/message. An example of the call is like so:

    GET /api/message HTTP/1.1
    Host: localhost:5000
    Authorization: Bearer BIG_STRING_HERE
    Cache-Control: no-cache

I have also tried adding JwtTokens, but no luck, as it still fails. All my code is the same as the readme, apart from the above.

Here is my whole startup.cs file:

    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        env.EnvironmentName = "Development";

        var factory = app.ApplicationServices.GetRequiredService<ILoggerFactory>();
        factory.AddConsole();
        factory.AddDebug();

        app.UseDeveloperExceptionPage();

        app.UseIISPlatformHandler(options => {
            options.AuthenticationDescriptions.Clear();
            options.FlowWindowsAuthentication = false;
        });

        app.UseOverrideHeaders(options => {
            options.ForwardedOptions = ForwardedHeaders.All;
        });

        app.UseStaticFiles();

        // comment this out and you get an error saying
        // InvalidOperationException: No authentication handler is configured to handle the scheme: Microsoft.AspNet.Identity.External
        app.UseIdentity();

        // Note: OpenIddict must be added after
        // ASP.NET Identity and the external providers.
        app.UseOpenIddict(options =>
        {
            // Need this line to use Bearer Authorization in requests
            options.Options.AuthenticationScheme = OAuthValidationDefaults.AuthenticationScheme;

            // development
            options.Options.AllowInsecureHttp = true;
        });

        app.UseMvcWithDefaultRoute();

        using (var context = app.ApplicationServices.GetRequiredService<ApplicationDbContext>()) {
            context.Database.EnsureCreated();

            // Add Mvc.Client to the known applications.
            if (!context.Applications.Any()) {
                context.Applications.Add(new Application {
                    Id = "myClient",
                    DisplayName = "My client application",
                    RedirectUri = "http://localhost:5000/signin",
                    LogoutRedirectUri = "http://localhost:5000/",
                    Secret = Crypto.HashPassword("secret_secret_secret"),
                    Type = OpenIddictConstants.ApplicationTypes.Confidential
                });

                context.SaveChanges();
            }
        }
    }
