I am working on an ASP.NET 6 POC and I am checking if I can migrate to minimal APIs and
My test endpoint is the following:
public class GetWeatherEndpoint : Endpoint<GetWeatherInput, List<WeatherForecast>>
{
private static readonly string[] Summaries = new[]
{
"Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
};
public override void Configure()
{
Get("weather/{days:int}");
}
public override async Task HandleAsync(GetWeatherInput input, CancellationToken token)
{
var response = Enumerable.Range(1, input.Days).Select(index => new WeatherForecast
{
Date = DateTime.Now.AddDays(index),
TemperatureC = Random.Shared.Next(-20, 55),
Summary = Summaries[Random.Shared.Next(Summaries.Length)]
})
.ToList();
await SendOkAsync(response, token);
}
}
If I try to call this, I receive a 401, as authorization is enabled by default. If I add AllowAnonymous()
, it works as expected (HandleAsync
gets called).
When working with controllers, a simple Authorized
attribute would make things work.
Any idea about how to properly configure the endpoint in this case?
CodePudding user response:
this is most likely a minor misconfiguration.
in order to see why exactly the auth middleware is sending a 401 response, you'd have to do something similar to what's being done in this article to log the reason.
basically you need to tap in to a hook like OnAuthenticationFailed
and log the reason for failure.
it seems the request is not reaching fastendpoints due to the auth middleware interrupting the flow earlier on.
maybe try the subscribeToJwtBearerMiddlewareDiagnosticsEvents
in AddMicrosoftIdentityWebApiAuthentication
also don't you need a app.UseAuthentication()
call with azure ad?