bearer-token

Is this an acceptable implementation of a custom bearer token authorization mechanism? Authorization Attribute public class AuthorizeAttribute : TypeFilterAttribute { public AuthorizeAttribute(): base(typeof(AuthorizeActionFilter)){} } public class AuthorizeActionFilter : IAsyncActionFilter { private readonly IValidateBearerToken _authToken; public AuthorizeActionFilter(IValidateBearerToken authToken) { _authToken = authToken; } public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { const string AUTHKEY = "authorization"; var headers = context

I'm writing an API service in MVC (no views, just API), and I want to use OAuth 2.0 tokens acquired via the client_credentials flow (2-legged OAuth). I created an ActiveDirectory app in the Azure management portal , and have successfully acquired a bearer token (see screenshot from Postman at the bottom). Then I installed the Microsoft.Owin.Security.ActiveDirectory nuget package, created an Owin startup class and wrote the following code in it: public class OwinStartup { public void Configuration(IAppBuilder app) { // For more information on how to configure your application, visit http://go

I am attempting to test my Laravel 4 REST API using Codeception, but when I try to send through my Authorization header (using the $I->amBearerAuthenticated() function of the REST module) it is not making it through to the eventual request. From what I can see, the Symfony2 BrowserKit module modifies any headers added into the HTTP_XXX_XXX format, so the header being sent seems to be HTTP_AUTHORIZATION - when I output the received headers in my application, however, neither Authorization nor HTTP_AUTHORIZATION are present. If it helps, here is my Codeception test: public function

For the first time I'm creating Authorization in ASP.NET Core. I used tutorial from here TUTORIAL The problem is when I sending request from postman: Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6I... to my method in controller decorated with [Authorize] attribute. I receive 401 Unauthorized always... I saw comments bellow that tutorial and it seems that some people have similar issue also. I've no idea how I can solve this problem. At the request of others here is the answer: The problem was with the middleware order in Startup.cs public void Configure(IApplicationBuilder app,

I am using Yii2 framework as the backend and react js for the client side. I am trying to create REST api with HTTPBearer authentication but always get a 401 Unauthorized error . I have followed the Yii2 Rest api authentication with no success. I have also implemented findIdentityByAccessToken on user.php and access_token on my sql. My files:- Folder structure:- -api --config --main.php --main-local.php ... --modules --v1 --controllers --CheckinsController.php -backend -common -frontend .. main.php <?php $params = array_merge( require(__DIR__ . '/../../common/config/params.php'), require(__DIR

I am new to using Rest Assured,Java and Api testing so please be gentle with me. When I use rest assured to test an api that uses Bearer authentication the tests fail resulting in:- java.net.ConnectException: Connection refused: connect I know the issue is likely to do with the authentication but am unsure on how to use "Bearer". I searched around and believe that somehow I need to make an initial request using my username and password. Then get a token back to be used for bearer authentication. Please can someone help me to do this with a very simple example? My code is import com.jayway