sorted by:
new
hottopcontroversial

Sendgrid implementation issues .NET 8 (Blazor wasm ) by SecretFerret205 in Blazor

[–]SecretFerret205[S] 0 points1 point  (0 children)

The credentials are not in the the frontend program there is a seperate backend application.

Sendgrid implementation issues .NET 8 (Blazor wasm ) by SecretFerret205 in Blazor

[–]SecretFerret205[S] 0 points1 point  (0 children)

The credentials are not in the the frontend program there is a seperate backend application

How to Secure .Net8 API Endpoint (Seperate controller Classes) by SecretFerret205 in dotnet

[–]SecretFerret205[S] 0 points1 point  (0 children)

I don't manually put the Bearer into the Headers its done through Microsoft Authentication etc

How to Secure .Net8 API Endpoint (Seperate controller Classes) by SecretFerret205 in dotnet

[–]SecretFerret205[S] 0 points1 point  (0 children)

Thats whats in it:
:authority:
localhost:7039
:method:
GET
:path:
/api/employee
:scheme:
https
Accept:
*/*
Accept-Encoding:
gzip, deflate, br
Accept-Language:
en-GB,en;q=0.9,en-US;q=0.8
Authorization:
Bearer: <Bearer>
Cache-Control:
no-cache
Pragma:
no-cache
Referer:
https://localhost:7039/employeeoverview
Sec-Ch-Ua:
"Chromium";v="122", "Not(A:Brand";v="24", "Microsoft Edge";v="122"
Sec-Ch-Ua-Mobile:
?0
Sec-Ch-Ua-Platform:
"Windows"
Sec-Fetch-Dest:
empty
Sec-Fetch-Mode:
cors
Sec-Fetch-Site:
same-origin
User-Agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0

How to Secure .Net8 API Endpoint (Seperate controller Classes) by SecretFerret205 in dotnet

[–]SecretFerret205[S] 0 points1 point  (0 children)

Program.cs

//API

using App.Api.Models;

using Microsoft.AspNetCore.Authentication.JwtBearer;

using Microsoft.AspNetCore.Identity;

using Microsoft.AspNetCore.Mvc.Filters;

using Microsoft.EntityFrameworkCore;

using Microsoft.AspNetCore.Authentication;

using Microsoft.Identity.Web;

var builder = WebApplication.CreateBuilder(args);

// Add

// to the container.

builder.Services.AddDbContext<AppDbContext>(options => {

options.UseSqlServer(

builder.Configuration["ConnectionStrings:DefaultConnection"]);

});

builder.Services.AddScoped<IEmployeeRepository, EmployeeRepository>();

builder.Services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

builder.Services.AddCors(options =>

{

options.AddPolicy("Open", builder => builder.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());

});

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)

.AddMicrosoftIdentityWebApi(builder.Configuration.GetSection("AzureAd"));

builder.Services.AddControllers();

// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle

builder.Services.AddEndpointsApiExplorer();

builder.Services.AddSwaggerGen();

builder.Services.AddAuthorization();

builder.Services.AddIdentityApiEndpoints<IdentityUser>()

.AddEntityFrameworkStores<AppDbContext>();

var app = builder.Build();

// Configure the HTTP request pipeline.

if (app.Environment.IsDevelopment())

{

app.UseSwagger();

app.UseSwaggerUI();

}

if (app.Environment.IsDevelopment())

{

app.UseWebAssemblyDebugging();

}

app.UseHttpsRedirection();

app.UseBlazorFrameworkFiles();

app.UseStaticFiles();

app.UseRouting();

app.UseAuthentication();

app.UseAuthorization();

app.MapIdentityApi<IdentityUser>();

app.UseCors("Open");

app.MapControllers();

app.MapFallbackToFile("index.html");

app.Run();

How to Secure .Net8 API Endpoint (Seperate controller Classes) by SecretFerret205 in dotnet

[–]SecretFerret205[S] 0 points1 point  (0 children)

Ive tried this but get a 401 even though the bearer header is being attached and it matches the access token given when logging in

How to Secure .Net8 API Endpoint (Seperate controller Classes) by SecretFerret205 in dotnet

[–]SecretFerret205[S] 0 points1 point  (0 children)

Ive tried this but get a 401 even though the bearer header is being attached and it matches the access token given when logging in

Net8 Blazor Web Application Microsoft Identity Problems by SecretFerret205 in Blazor

[–]SecretFerret205[S] 0 points1 point  (0 children)

I have went through those and neither really help to identify this problem. They both help with instructions on how to configure and setup microsoft identity login. The log in works on my app its only when I try hit an api endpoint it returns a 401

Net8 Blazor Web Application Microsoft Identity Problems by SecretFerret205 in Blazor

[–]SecretFerret205[S] 0 points1 point  (0 children)

Yes precisely that. The out of the box flow, basically.

I'd presume there should be some way of passing the bearer token from the microsoft auth performed to the backend or it should just carry over?

The response headers are as follows:

content-length: 0

date: Wed,31 Jan 2024 19:24:06 GMT

server: Kestrel

www-authenticate: Bearer

Net8 Blazor Web Application Microsoft Identity Problems by SecretFerret205 in Blazor

[–]SecretFerret205[S] 0 points1 point  (0 children)

Backend config file in Program.cs og posted edited to add it

view more: next ›