Reputation: 1669
Azure Mobile App redirecting Http POST calls to GET when Azure Active Directory Authentication is enabled
I'm going through the .NET portions of the Azure Mobile App backend tutorials found at https://learn.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-dotnet-backend-how-to-use-server-sdk
I got everything setup nicely with the default example TodoItemController. I added push notifications as instructed by adding code to the PostToDoItem controller method.
I then tested the POST call using Postman and putting in a simple new item:
Upon which I get a successful push notification in my Xamarin.Forms mobile app:
However, when I enable Azure Active Directory authentication in my Mobile App Service while leaving "Allow Anonymous requests (no action)" on, I'm no longer able to send a POST call with Postman. More specifically, it looks like the App Service receives the POST request, but immediately redirects it and yields a GET request instead. This causes the GetAllToDoItems method in the controller to be called instead of the PostToDoItem method. I see this in the log stream:
> 2017-05-31T01:33:46 PID[4292] Verbose Received request: POST
> http://XYZ.azurewebsites.net/tables/TodoItem?ZUMO-API-VERSION=2.0.0
> 2017-05-31T01:33:46 PID[4292] Information Redirecting:
> https://XYZ.azurewebsites.net/tables/TodoItem?ZUMO-API-VERSION=2.0.0
> 2017-05-31T01:33:46 PID[4292] Verbose Received request: GET
> https://XYZ.azurewebsites.net/tables/TodoItem?ZUMO-API-VERSION=2.0.0
> 2017-05-31T01:33:46 PID[4292] Verbose [Routes(Preview)] No
> authorization configuration was found. 2017-05-31T01:33:46 PID[4292]
> Information Request, Method=GET,
> Url=https://XYZ.azurewebsites.net/tables/TodoItem?ZUMO-API-VERSION=2.0.0,
> Message='https://XYZ.azurewebsites.net/tables/TodoItem?ZUMO-API-VERSION=2.0.0'
> 2017-05-31T01:33:46 PID[4292] Information Message='TodoItem',
> Operation=DefaultHttpControllerSelector.SelectController
> 2017-05-31T01:33:46 PID[4292] Information
> Message='XYZService.Controllers.TodoItemController',
> Operation=DefaultHttpControllerActivator.Create 2017-05-31T01:33:46
> PID[4292] Information
> Message='XYZService.Controllers.TodoItemController',
> Operation=HttpControllerDescriptor.CreateController
> 2017-05-31T01:33:46 PID[4292] Information Message='Selected action
> 'GetAllTodoItems()'',
> Operation=ApiControllerActionSelector.SelectAction
I would've expected this POST call to work the same as when I have App Service authentication set to OFF since I told Azure to take no action when anonymous requests come in. Am I misunderstanding something here? Thanks in advance!
Upvotes: 4
Views: 1325
Answers (1)
Reputation: 14649
After we enable the authentication/authorization for the app service, if we send the request using the HTTP protocol, the server will redirect it to HTTPS via 302 response.
To make it work in this scenario, you can send the request using the HTTPS protocol instead of HTTP. This should work if you enable the Allow Anonymous requests(no action) feature.
Upvotes: 4
Related Questions
- Azure MobileApp API return 401 (Unauthorized) even after successful login with MobileServiceClient - UWP
- Azure Mobile App Authorization issue
- Multi-tenant Azure Mobile App service calls failing with 401.71
- azure mobile app authentication external redirect url
- 401 Unauthorized when making request to Azure Mobile Service
- Azure App Service Mobile authentication not compatible with MVC/Forms
- Azure Mobile App Authentication 403 on Callback
- Azure Mobile App authentication only with Azure AD but Windows Account can also login?
- Azure mobile app return 401 (Unauthorized) even after successful login.
- Azure Active Directory Authentication with Azure Mobile Services Failed