CODEWITHSUNDEEP
authenticationservicestack
Jeff Lehmer
Jeff Lehmer

Reputation: 243

servicestack auth breaks at 4.0.21

I am encountering a problem when I upgraded my ServiceStack recently. I separated the different versions to find the problem started at v4.0.21. All earlier versions work and all later versions do not work. It only happens with my call to authenticate (with Basic Auth). Also, it only happens when I make the call to authenticate from our iPad app. Since we have not made any changes to our iPad app I know that something changed with ServiceStack that is causing our problem. I looked through the release notes and found there were a lot of changes to the auth capability due to the addition of a Windows Auth Provider and a couple of other new OAuth providers.

Is there some changes to the settings that I need to make that I am not seeing in the Release Notes? Has anyone else encountered this problem?

Here is our code for registering for ss-auth in global.asax.cs:

public override void Configure(Funq.Container container)
{
   SetConfig(new HostConfig {
      EnableFeatures = Feature.All.Remove(Feature.Metadata),
      AllowJsonpRequests = false,
      HandlerFactoryPath = "api"
   });

   var authFeature = new AuthFeature(
          () => new AuthUserSession(),
          new IAuthProvider[] { 
                new MyBasicAuthProvider() // override of BasicAuthProvider
          }
   );
   authFeature.HtmlRedirect = null;
   authFeature.IncludeAssignRoleServices = false;
   Plugins.Add(authFeature);

   container.Register<ICacheClient>(new AzureCacheClient("default"));

   var userRepository = new InMemoryAuthRepository();
   container.Register<IUserAuthRepository>(userRepository);
}

Here is the request URL:

POST https://vh.azurewebsites.net/api/auth?format=json

And here are the headers that went with the HTTP Request:

Host:              vh.azurewebsites.net
Authorization:     Basic dXN2dONjb3R0OnBhc3N3b3Jk
Accept-Encoding:   gzip, deflate
Accept:            application/json
Cookie:            ss-opt=perm
Accept-Language:   en;q=1, fr;q=0.9, de;q=0.8, ja;q=0.7, nl;q=0.6, it;q=0.5
Content-Length:    0
Connection:        keep-alive
Proxy-Connection:  keep-alive
User-Agent:        mHealth/QA (iPad; iOS 7.1.1; Scale/1.00)

Upvotes: 0

Views: 78

Answers (1)

mythz
mythz

Reputation: 143284

The auth provider was changed so that the implicit default /auth can now be used to tell if a user is authenticated which will return Session Info if a user is already authenticated or a 401 Unauthorized if they're not.

You need to call the explicit /auth/{provider} Auth Provider Route for the auth provider you wish to authenticate against which for Basic Auth is /auth/basic.

Upvotes: 1

Related Questions