Having upgraded from 3.1 to 5.0, I cannot seem to get past this HttpRequestException error when trying to fetch data from protected api controllers (those not marked [Authorize] are fine).
Although the client app tells me I am authenticated (I have 'hello, [email protected]' up top right for example), I can't seem to be get authenticated with the server. User.Identity just looks like this for example:
I have a few typed HttpClients, the authenticating one looking like so
public class ApplicationClient
{
private readonly HttpClient _httpClient;
public ApplicationClient(HttpClient httpClient)
{
_httpClient = httpClient;
}
public async Task<Applicant> GetApplicant() => await _httpClient.GetFromJsonAsync<Applicant>("applicant");
}}
With ApplicationClient being register in Programme.cs on client side as:
public static async Task Main(string[] args)
{
var builder = WebAssemblyHostBuilder.CreateDefault(args);
builder.RootComponents.Add<App>("app");
builder.Services.AddHttpClient<ApplicationClient>(client => client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))
.AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();
// Supply HttpClient instances that include access tokens when making requests to the server project
builder.Services.AddTransient(sp => sp.GetRequiredService<IHttpClientFactory>().CreateClient("Jcc.ServerAPI"));
builder.Services.AddScoped<ApplicationState>();
builder.Services.AddBlazoredModal();
builder.Services.AddApiAuthorization();
await builder.Build().RunAsync();
}
And finally a controller,
[Route("[controller]")]
[ApiController]
[Authorize]
public class MyController
{
public MyController(...) : base(...)
{
...
}
[HttpGet]
public async Task<ActionResult<Applicant>> GetCurrentApplicant()
{
...
}
In Startup.cs on Server app (having chopped and changed and tried about every combination of the below plus others) the pertinent bits of ConfigureServices() are:
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<JccContext>(options =>
options.UseNpgsql(
Configuration.GetConnectionString("DbContext")));
services.AddDefaultIdentity<ApplicationUser>(options =>
{
options.SignIn.RequireConfirmedAccount = true;
options.User.RequireUniqueEmail = true;
})
.AddEntityFrameworkStores<DbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, DbContext>();
services.AddAuthentication()
.AddIdentityServerJwt();
services.Configure<IdentityOptions>(options =>
options.ClaimsIdentity.UserIdClaimType = ClaimTypes.NameIdentifier);
services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor |
ForwardedHeaders.XForwardedProto |
ForwardedHeaders.XForwardedHost;
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
});
while Configure() goes:
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseForwardedHeaders();
app.UseHttpsRedirection();
app.UseRouting();
app.UseIdentityServer();
app.UseAuthentication();
app.UseAuthorization();
app.UseStaticFiles();
app.UseBlazorFrameworkFiles();
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
endpoints.MapDefaultControllerRoute();
endpoints.MapControllers();
endpoints.MapFallbackToFile("index.html");
});
}
I just don't what's changed since it worked previously. Identity Server seems to generate the token fine:
but I keep seeing this:
It would be nice to not have to revert back to 3.1 :)
I did try
services.AddIdentityServer(opt =>
opt.IssuerUri = "https://localhost:5001"
)
As per a post a few years back but no dice and I think it was a different issue.
