Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Asp.Net Core custom authorization always ends with 401 Unauthorized

Tags:

asp.net-core

asp.net-core-mvc

asp.net-core-security

I am trying to implement a custom Authentication/Authorization flow with asp.net core but fails to do so. The authentication seems to work ok: if I debug step by step I can see that an AuthenticationTicket is created from a ClaimsPrincipal that contains an identity with isAuthenticated to true:

public class MyAuthHandler : AuthenticationHandler<MyAuthOptions>
{
    protected override Task<AuthenticateResult> HandleAuthenticateAsync()
    {
        // grab stuff from the HttpContext
        string authHeader = Request.Headers["Authorization"];
        // do some stuff that are successfull in my tests
        var cp = DoTokenBasedAuthentication(authHeader);

        var ticket = new AuthenticationTicket(cp,
            new AuthenticationProperties(), Options.AuthenticationScheme);
        return Task.FromResult(AuthenticateResult.Success(ticket));
    }
}

However, I try to add a dummy AuthorizationHandler after that:

public class MyRequirement : IAuthorizationRequirement
{
    public MyRequirement()
    {
    }
}

public class MyAuthRequirement : AuthorizationHandler<MyRequirement>
{
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, MyRequirement requirement)
    {
        context.Succeed(requirement);
        return Task.CompletedTask;
    }
}

And with this code in my startup file:

services.AddAuthorization(options =>
{
   options.AddPolicy("My",
      policy => policy.Requirements.Add(new MyRequirement()));
});

But whenever I add "[Authorize("My")]" on a controller, then all calls always returns 401. And my AuthorizationHandler is never reached. This problem looks similar to Asp.Net Core policy based authorization ends with 401 Unauthorized but is slightly different as on my case I have a user that is authenticated. I am struggling to debug into asp.net MVC source code, so I do not really know what is going on.

like image 354
CanardMoussant Avatar asked Jan 04 '23 15:01

CanardMoussant

1 Answers

Your authorization handler doesn't appear to be plugged in. You can try to add the following line to your Startup.ConfigureServices method :

services.AddSingleton<IAuthorizationHandler, MyAuthRequirement>();
like image 122
Métoule Avatar answered May 31 '23 21:05

Métoule
Sign in to Comment

Related questions

How to post JSON data in MVC Visual Studio 2015
How to pass a URL as a query string parameter in MVC
Unable to run dnx console App
IConfiguration does not contain a definition for Get() (EF7, vNext)
Why isn't this .NET Core package compatible with my PCL?
Dynamically add roles to authorize attribute for controller in ASP.NET 5
Can't turn off requirehttps in asp.net 5 MVC 6 site
Angular2 Http post request not binding to ASP.NET 5 controller's action
How to get additional fields using the Facebook provider in ASP.NET Core RC1?
Unable to resolve service for type 'Microsoft.ApplicationInsights.TelemetryClient'
Returning XDocument from Controller (dotnet coreclr)
How to identify a user with auth0 jwt
Is ApiExplorer supported in ASP.NET Core 1.0, and how to use it?
Posting dictionary to web api in asp.net core
Get the ApplicationUser in a controller
Send multiple files using ASP.net core web api
Auto migration in EF Core in three tier application
Get ModelMetadata for a class in .NET Core
CSS and JavaScript changes not published to Azure in ASP.NET Core
How to add font awesome to ASP.NET Core Angular 2 application in Visual Studio 2017 with SpaTemplates

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!