Overview
I have a dotnet Core web service (i.e. dotnet new webapi) that I would like to protect with reference tokens issued by a third-party IDaaS service. I've added the IdentityModel.AspNetCore.OAuth2Introspection library as well as the requisite additional code in ConfigureServices:
public void ConfigureServices(IServiceCollection services)
{
services.AddControllers();
services.AddAuthentication(OAuth2IntrospectionDefaults.AuthenticationScheme)
.AddOAuth2Introspection(options =>
{
options.ClientId = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx";
options.ClientSecret = "xxxxxxx";
options.IntrospectionEndpoint = "https://demo.verify.ibm.com/v1.0/endpoint/default/introspect";
});
}
No matter what I do, I am constantly getting a 401 UNAUTHORIZED response from the WebAPI. In fact, I'm not even seeing that the web API is reaching out to the IDaaS to validate the Bearer Token.
Below is the HTTP trace:
GET /WeatherForecast HTTP/1.1
> Host: localhost:5001
> User-Agent: insomnia/2021.5.3
> Cookie: PD-S-SESSION-ID=1_2_1_K7PE6XKeEDKOkwioWpJxhxT8-Gdkz3TDgKXHgRIzMCKnQxYJ
> Authorization: Bearer **REMOVED**
> Accept: */*
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< Date: Thu, 21 Oct 2021 17:15:14 GMT
< Server: Kestrel
< Content-Length: 0
* Connection #47 to host localhost left intact
Against the following endpoint:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
namespace API.Controllers
{
[ApiController]
[Route("[controller]")]
public class WeatherForecastController : ControllerBase
{
private static readonly string[] Summaries = new[]
{
"Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
};
private readonly ILogger<WeatherForecastController> _logger;
public WeatherForecastController(ILogger<WeatherForecastController> logger)
{
_logger = logger;
}
[HttpGet]
[Authorize]
public IEnumerable<WeatherForecast> Get()
{
var rng = new Random();
return Enumerable.Range(1, 5).Select(index => new WeatherForecast
{
Date = DateTime.Now.AddDays(index),
TemperatureC = rng.Next(-20, 55),
Summary = Summaries[rng.Next(Summaries.Length)]
})
.ToArray();
}
}
}
I was wondering whether anyone had any experience doing what I am trying to do? Any advice would be much appreciated.
CodePudding user response:
Issue was due to missing app.UseAuthentication();
middleware registration of the pipeline.