Dotnet Core 2.0 Authorization failed for user: (null)

Question

My code was working perfectly with .net core 2.0. I'm not sure what went wrong. Application is throwing error during authorization. Error message and startup class code below.

>     Microsoft.AspNetCore.Cors.Infrastructure.CorsService:Information:

Policy execution successful.

info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
      Authorization failed for user: (null).
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:Information:

Authorization failed for user: (null). info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2] Authorization failed for user: (null). Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:Information: Authorization failed for user: (null). info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3] Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3] Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'. Microsoft.AspNetCore.Mvc.ChallengeResult:Information: Executing ChallengeResult with authentication schemes ().

namespace API
{
    public class Startup
    {
        public IConfigurationRoot Configuration { get; }



        public void ConfigureScopeServices(IServiceCollection services)
        {

            services.AddDbContext<AppDbContext>(options => options.UseMySql(Configuration.GetConnectionString("Default")));

        }

        public void ConfigureCompressionService(IServiceCollection services)
        {
            services.Configure<GzipCompressionProviderOptions>(options => options.Level = CompressionLevel.Fastest);
            services.AddResponseCompression(options => { options.Providers.Add<GzipCompressionProvider>(); });
        }

        public void ConfigureJWTService(IServiceCollection services)
        {
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

            var tokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("ApplicationConfiguration:TokenOptions:SigningKey").Value)),

                ValidateIssuer = true,
                ValidIssuer = Configuration.GetSection("ApplicationConfiguration:TokenOptions:Issuer").Value,

                ValidateAudience = true,
                ValidAudience = Configuration.GetSection("ApplicationConfiguration:TokenOptions:Audience").Value,

                ValidateLifetime = true,
                NameClaimType = JwtRegisteredClaimNames.Sub,
                RoleClaimType = "Roles"
            };

            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(o =>
            {
                o.TokenValidationParameters = tokenValidationParameters;
            });
        }
        public void ConfigureServices(IServiceCollection services)
        {
            this.ConfigureScopeServices(services);
            this.ConfigureCompressionService(services);
            this.ConfigureJWTService(services);

            services.Configure<ApplicationConfiguration>(Configuration.GetSection("ApplicationConfiguration"));

            //Customized Response Object to Map MiddleWare Response Object
            var formatterSettings = JsonSerializerSettingsProvider.CreateSerializerSettings();
            formatterSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore;
            ResponseFormatter formatter = new ResponseFormatter(formatterSettings, ArrayPool<Char>.Create());
            services.AddMvcCore()
            .AddApiExplorer()
            .AddAuthorization()
            .AddFormatterMappings()
            .AddDataAnnotations()
            .AddJsonFormatters()
            .AddCors()
            .AddMvcOptions(
                options =>
                {
                    options.OutputFormatters.RemoveType<JsonOutputFormatter>();
                    options.OutputFormatters.Insert(0, formatter);
                }
            );

        }

        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();
            app.UseCors(
                builder => builder
                .AllowAnyOrigin()
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials()
            );

            app.UseMvc();
            app.UseResponseCompression();
        }
    }
}

Answer 1

I think you missed authentication middleware: app.UseAuthentication().

Please try this:

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();
            app.UseCors(
                builder => builder
                .AllowAnyOrigin()
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials()
            );
            app.UseAuthentication();
            app.UseMvc();
            app.UseResponseCompression();
        }