-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTP 401 Unauthorized on bff/user call #1073
Comments
I've looked a bit more. But when I add the same to my private async Task<ClaimsPrincipal> FetchUser()
{
try
{
var context = this.httpContextAccessor.HttpContext;
var result = await context!.AuthenticateAsync();
this.logger.LogInformation("Authentication success: {result}", result.Succeeded);
this.logger.LogInformation("Fetching user information.");
this.client.BaseAddress = new Uri(this.navigationManager.BaseUri);
// Returns HTTP 401 Unauthorized
var response = await this.client.GetAsync("bff/user?slide=false");
if (response.StatusCode == HttpStatusCode.OK)
{
var claims = await response.Content.ReadFromJsonAsync<List<ClaimRecord>>();
var identity = new ClaimsIdentity(
nameof(BffAuthenticationStateProvider),
"name",
"role");
foreach (var claim in claims!)
{
identity.AddClaim(new Claim(claim.Type, claim.Value.ToString()!));
}
return new ClaimsPrincipal(identity);
}
}
catch (Exception ex)
{
this.logger.LogWarning(ex, "Fetching user failed.");
}
return new ClaimsPrincipal(new ClaimsIdentity());
} My application logs:
|
Hi @ngruson, sorry for the delay getting back to you! We are actively working on an update to the BFF and new samples to show how to solve auth issues in blazor with .NET 8. For more details on my thoughts about the problems we're working on, see this comment, and this open issue in our samples repo. In the interest of keeping things organized, I'm closing this along with some other related issues, but feel free to provide feedback and comments in (DuendeSoftware/Samples#142) |
I've got things working now by looking at the samples. I'm using a server-side token store to read/write the access token. |
Which version of Duende BFF are you using?
Duende.BFF 2.2.0
Which version of .NET are you using?
.NET 8
Describe the bug
I'm trying to use Duende BFF in a .NET 8 Blazor server app (not WASM).
I found your article https://docs.duendesoftware.com/identityserver/v6/quickstarts/7_blazor/ which I followed as much as possible.
I get stuck when implementing
BffAuthenticationStateProvider
.The login part with Identity Server works, but the call to
bff/user
results in an HTTP 401 Unauthorized error.In
BffAuthenticationStateProvider
, I use aIHttpClientFactory
to grab the correctHttpClient
instance on init.Then I do the call with this client to the
bff/user
endpoint.I configured the
HttpClient
as follows:I try to add the access token to the client using your
AddUserAccessTokenHandler
extension method fromDuende.AccessTokenManagement.OpenIdConnect
package.The access token is set correctly in the
HttpContext
, but still I get this Unauthorized error.What could be wrong here?
Log output/exception with stacktrace
The text was updated successfully, but these errors were encountered: