Unable to Authorize my Front End .Net core App

  • Thread starter: Shuja Haider (Guest)

Hope you are all doing great.

I am stuck with this very strange problem. Maybe I am new to this or have little knowledge. Let me first tell you the flow of the problem.

1. Web API project using .NET Core.
2. Calling the API using the Refit SDK.
3. Calling those APIs from the .NET Core Razor Pages front end (separate project).

This is using the JWT bearer token.

Below is the startup file code for API project.


    services.AddMvc(options =>
        {
            options.EnableEndpointRouting = false;
            options.Filters.Add<ValidationFilter>();
        })
        .AddFluentValidation(mvcConfiguration =>
            mvcConfiguration.RegisterValidatorsFromAssemblyContaining<Startup>());

    var jwtSettings = new JwtSettings();
    configuration.Bind(nameof(jwtSettings), jwtSettings);
    services.AddSingleton(jwtSettings);

    var tokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtSettings.Secret)),
        ValidateIssuer = false,
        ValidateAudience = false,
        RequireExpirationTime = false,
        ValidateLifetime = true
    };

    services.AddSingleton(tokenValidationParameters);

    services.AddAuthentication(x =>
        {
            x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            x.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
            x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(x =>
        {
            x.SaveToken = true;
            x.TokenValidationParameters = tokenValidationParameters;
        });

    services.AddAuthorization(options =>
    {
        options.AddPolicy("MustWorkForChapsas", policy =>
        {
            policy.AddRequirements(new WorksForCompanyRequirement("chapsas.com"));
        });
    });

    services.AddSingleton<IAuthorizationHandler, WorksForCompanyHandler>();


This is how I am using Authorize in my API controllers.


    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
    [ApiExplorerSettings(GroupName = "V1")]
    public class FaqsController : ControllerBase
    {
        protected readonly ILogger _logger;
        private readonly IFaqService _faqService;
        private readonly IMapper _mapper;
        private readonly IUriService _uriService;


This is how I am generating my SDK using Refit.


    using System;
    using System.Collections.Generic;
    using System.Threading.Tasks;
    using EdgeTours.API.Contracts.V1.Requests;
    using EdgeTours.API.Contracts.V1.Requests.Queries;
    using EdgeTours.API.Contracts.V1.Responses;
    using EdgeTours.Model.CommonViewModels;
    using Refit;

    namespace EdgeTours.API.Sdk.V1
    {
        [Headers("Authorization: Bearer")]
        public interface IFaqApi
        {
            [Get("/api/v1/faqs")]
            Task<ApiResponse<PagedResponse<FaqViewModel>>> GetAllAsync(string FaqId = null, int? PageNumber = 1, int? PageSize = 100);


Everything works fine, and I even receive a 401 error when I try to access that API from the browser without a bearer token. [enter image description here][1]


The API even works well from the front-end project.

Here's the code for the startup file of the front-end project.


    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Builder;
    using Microsoft.AspNetCore.Identity;
    using Microsoft.AspNetCore.Identity.UI;
    using Microsoft.AspNetCore.Hosting;
    using Microsoft.AspNetCore.Http;
    using Microsoft.AspNetCore.HttpsPolicy;
    using Microsoft.AspNetCore.Mvc;
    using Microsoft.EntityFrameworkCore;
    using Microsoft.Extensions.Configuration;
    using Microsoft.Extensions.DependencyInjection;
    using EdgeTours.Repository.Context;
    using Microsoft.AspNetCore.Authentication.JwtBearer;
    using System.Net;

    namespace EdgeTours.Web
    {
        public class Startup
        {
            public Startup(IConfiguration configuration)
            {
                Configuration = configuration;
            }

            public IConfiguration Configuration { get; }

            // This method gets called by the runtime. Use this method to add services to the container.
            public void ConfigureServices(IServiceCollection services)
            {
                services.Configure<CookiePolicyOptions>(options =>
                {
                    // This lambda determines whether user consent for non-essential cookies is needed for a given request.
                    options.CheckConsentNeeded = context => true;
                    options.MinimumSameSitePolicy = SameSiteMode.None;
                });

                services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
            }

            // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
            public void Configure(IApplicationBuilder app, IHostingEnvironment env)
            {
                if (env.IsDevelopment())
                {
                    app.UseDeveloperExceptionPage();
                    app.UseDatabaseErrorPage();
                }
                else
                {
                    app.UseExceptionHandler("/Error");
                    // The default HSTS value is 30 days. You may want to change this for production scenarios, see Enforce HTTPS in ASP.NET Core.
                    app.UseHsts();
                }

                app.UseStaticFiles();
                app.UseCookiePolicy();
                app.UseAuthentication();
                app.UseMvc();
            }
        }
    }


[1]: View: https://i.stack.imgur.com/EZGgj.png


So the problem is this:

I am unable to redirect to the login page, as no authorization is enabled. So I would really appreciate it if someone could help me configure my Razor Pages class as well as the startup file to enable authentication, so that when an API call is not valid my page redirects to the login page.

I would really appreciate it if anyone could help me with this. Thanks in advance.
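
One way to get the redirect the question asks for, as an added example that is not part of the original post: cookie authentication on the front end with a login path, Razor Pages authorized by default, and a page model that challenges when the API answers 401. The `/Account/Login` page, the `FrontEndAuthSetup` and `FaqsModel` names, and the DI registration of `IFaqApi` are assumptions.

```csharp
// Added example (ASP.NET Core 2.2 style); /Account/Login and the IFaqApi DI registration are assumed.
using System.Net;
using System.Threading.Tasks;
using EdgeTours.API.Sdk.V1;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.Extensions.DependencyInjection;

public static class FrontEndAuthSetup
{
    // Call from Startup.ConfigureServices in place of the bare services.AddMvc() line.
    public static void AddFrontEndAuth(this IServiceCollection services)
    {
        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
            .AddCookie(options =>
            {
                options.LoginPath = "/Account/Login";   // a challenge redirects here
                options.Cookie.HttpOnly = true;         // keep the session cookie away from scripts
                options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
            });

        services.AddMvc()
            .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
            .AddRazorPagesOptions(o =>
            {
                o.Conventions.AuthorizeFolder("/");                    // deny by default
                o.Conventions.AllowAnonymousToPage("/Account/Login");  // except the login page
            });
    }
}

public class FaqsModel : PageModel   // hypothetical page model
{
    private readonly IFaqApi _faqApi;
    public FaqsModel(IFaqApi faqApi) => _faqApi = faqApi;
    public async Task<IActionResult> OnGetAsync()
    {
        var response = await _faqApi.GetAllAsync();
        if (response.StatusCode == HttpStatusCode.Unauthorized)
        {
            // The API rejected the token: drop the stale session and go to LoginPath.
            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
            return Challenge();
        }
        return Page();   // bind response.Content to the page here
    }
}
```

The existing `app.UseAuthentication()` call in `Configure` already sits before `app.UseMvc()`, which is the order this setup needs.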
