发表新帖
发表新帖

API end point returning “Authorization has been denied for this request.” when sending bearer token

前端 未结
关注
3 1102
清酒与你
清酒与你 2021-02-04 05:08

I\'ve followed a tutorial to protect a Web API with OAuth in C#.

I\'m doing some tests and so far I\'ve been able to get the access token successfully from /token

3条回答
  • 遥遥无期
    遥遥无期 (楼主)
    2021-02-04 05:13

    Issue is pretty simple: Change order of your OWIN pipeline.

    public void Configuration(IAppBuilder app)
{
    ConfigureOAuth(app);
    var config = new HttpConfiguration();
    WebApiConfig.Register(config);
    app.UseWebApi(config);
}

    For OWIN pipeline order of your configuration quite important. In your case, you try to use your Web API handler before the OAuth handler. Inside of it, you validate your request, found you secure action and try to validate it against current Owin.Context.User. At this point this user not exist because its set from the token with OAuth Handler which called later.

    0 讨论(0)
 看不清?
提交回复
热议问题