Abdu Imam
Reputation: 413
bearer token is not working with my Authorize Attribute Roles with WebAPI, Username is null
- I can log in and get the token key from http://localhost:58507/token by Postman
- I can call an api with just [Authorize] Attribute
- But when I set the roles [Authorize(Roles= "Admin")] I get this server internal Error:
"Message": "An error has occurred.",
"ExceptionMessage": "Value cannot be null. Parameter name: username",
"ExceptionType": "System.ArgumentNullException",
"StackTrace": "at System.Web.Util.SecUtility.CheckParameter(String& param, Boolean checkForNull, Boolean checkIfEmpty, Boolean checkForCommas, Int32 maxSize, String paramName)
this is my Codes:
- the AuthorizeAttribute Class:
public class AuthorizeAttribute : System.Web.Http.AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
if (!HttpContext.Current.User.Identity.IsAuthenticated)
base.HandleUnauthorizedRequest(actionContext);
else
actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
}
}
- the OAuthAuthorizationServerProvider Class :
public class MyOAuthProvider : OAuthAuthorizationServerProvider
{
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.Validated();
}
public override async Task GrantResourceOwnerCredentials(
OAuthGrantResourceOwnerCredentialsContext context)
{
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
string username = context.UserName;
string password = context.Password;
if (Membership.ValidateUser(username, password))
{
using (var ee = new DBEntities())
{
MembershipUser mu = Membership.GetUser(username);
Guid guid = (Guid)mu.ProviderUserKey;
string roles = string.Join(",", Roles.GetRolesForUser(username));
identity.AddClaim(new Claim(ClaimTypes.Role, roles));
identity.AddClaim(new Claim("username", username));
context.Validated(identity);
}
}
else
{
context.SetError("Login Field", "Error username or password");
}
}
}
Upvotes: 1
Views: 2560
Answers (1)
Related Questions
- Authorization in ASP.NET Core. Always 401 Unauthorized for [Authorize] attribute
- JWT bearer token Authorization not working asp net core web api
- Why i'm getting "Bearer error="invalid_token"" in asp.net webapi?
- ASP.NET Core WebApi Jwt Role-based Authorization not working
- OAuth Bearer Token Not Working for WebApi
- Token based authentication in ASP.NET Web API 2 not working
- Web API Bearer token authentication Authorize doesn't work
- Return user roles from bearer token of Web API
- WebAPI Authorization Attribute not being called with IdentityServer3 Bearer Token
- How to add roles to the asp identity bearer token