Home > Software design >  ASP.NET core - How to add multiple authentication schemes
ASP.NET core - How to add multiple authentication schemes

Time:02-22

My app is an MVC that integrates with Openiddict, and I also wanted to add some APIs. The problem is that when I try to send a request from a client, the authenticated client is not recognized. To resolve this issue, I changed the "Authorize" attribute to:

[Authorize(AuthenticationSchemes = OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme)]

After that, requests from MVC pages to APIs are not allowed.

How to fix it? And is there a way to fix this issue without changing the "Authorize" attribute?

Specification:

asp.net core .NET5, Openiddict 3

Console Log(request from an MVC Page to an API with special Authorize attribute):

info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/2 GET https://localhost:5001/api/MyApitest - -
dbug: OpenIddict.Server.OpenIddictServerDispatcher[0]
      The event OpenIddict.Server.OpenIddictServerEvents ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers InferEndpointType.
dbug: OpenIddict.Server.OpenIddictServerDispatcher[0]
      The event OpenIddict.Server.OpenIddictServerEvents ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers InferIssuerFromHost.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessRequestContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers InferIssuerFromHost.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers ExtractAccessTokenFromAuthorizationHeader.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers ExtractAccessTokenFromBodyForm.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers ExtractAccessTokenFromQueryString.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessAuthenticationContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers ValidateToken.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessAuthenticationContext was marked as rejected by OpenIddict.Validation.OpenIddictValidationHandlers ValidateToken.
dbug: OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandler[9]
      AuthenticationScheme: OpenIddict.Validation.AspNetCore was not authenticated.
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
      Authorization failed. These requirements were not met:
      DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers AttachHostChallengeError.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext was successfully processed by OpenIddict.Validation.OpenIddictValidationHandlers AttachDefaultChallengeError.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers AttachHttpResponseCode`1[[OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers AttachCacheControlHeader`1[[OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers AttachWwwAuthenticateHeader`1[[OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
info: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The response was successfully returned as a challenge response: {
        "error": "missing_token",
        "error_description": "The security token is missing.",
        "error_uri": "https://documentation.openiddict.com/errors/ID2000"
      }.
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers ProcessChallengeErrorResponse`1[[OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
dbug: OpenIddict.Validation.OpenIddictValidationDispatcher[0]
      The event OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext was marked as handled by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers ProcessChallengeErrorResponse`1[[OpenIddict.Validation.OpenIddictValidationEvents ProcessChallengeContext, OpenIddict.Validation, Version=3.1.1.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]].
info: OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandler[12]
      AuthenticationScheme: OpenIddict.Validation.AspNetCore was challenged.
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
      Request finished HTTP/2 GET https://localhost:5001/api/MyApitest - - - 401 0 - 133.4335ms

CodePudding user response:

If you are using Authentication with Asp.Net Core Identity on your API controller and also want to use openiddict for OAuth authentication, You can use both authentication schemes e.g.

[Authorize(AuthenticationSchemes = "Identity.Application,"   OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme)]

Page link:https//www.codepudding.com/Softwaredesign/310633.html

Prev:How to rewrite if-else statements better in python
Next:Swift CloudKit and CKQuery: how to iteratively retrieve records when queryResultBlock returns a quer
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding