Currently following this tutorial on how to implement OAuth JWT Authentication. Stuck on two things at the moment which have become a bit of a pain to solve.
app.UseJwtBearerAuthentication(
new JwtBearerAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
AllowedAudiences = new[] { audienceId },
IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[]
{
new SymmetricKeyIssuerSecurityTokenProvider(issuer, audienceSecret)
}
});
As shown in the image below are the errors:
Not sure why I am getting this error as all the necessary packages are installed. On the other IssuerSecurityKeyProviders exists instead if I chose to use this one or run the build with the errors, it will generate the token but when I try to access any of the authroised endpoints on the api I get the dreaded "message": "Authorization has been denied for this request."
When i debug the token all seems to be matching. The issuer is the same, the audience id is the same and the user does exist in the database too but the changepassword endpoint always fails as shown in the screenshot below.
Last but not least looking for a good tutorial I can follow to help me get up and running with Web API Authentication using JWT and OWIN. Most are outdated and the packages have changed over the years for example this one and it is hard finding answers to problems encountered. A touch frustrating
Newer versions of the "Microsoft.Owin.Security.Jwt" library may have had some renaming that needs to be taken into account. Try this instead:
// Api controllers with an [Authorize] attribute will be validated with JWT
app.UseJwtBearerAuthentication(
new JwtBearerAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
AllowedAudiences = new[] { audienceId },
IssuerSecurityKeyProviders = new IIssuerSecurityKeyProvider[] {
new SymmetricKeyIssuerSecurityKeyProvider(issuer, audienceSecret)
}
});
This essentially substitutes "IssuerSecurityKeyProviders" in place of "IssuerSecurityTokenProviders" and "IIssuerSecurityKeyProvider" in place of "IIssuerSecurityTokenProvider".
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With