I have followed tutorials on pluralsight (Sign In | Pluralsight), the article you all did, Authenticating your Angular app with Auth0 & ASP .Net OWIN, and I still cannot connect.
public void ConfigureAuth(IAppBuilder app)
{
const string domain = "https://MY_DOMAIN.auth0.com/";
var auth0ClientId = "COPIED_CLIENT_ID";
var auth0ClientSecret = "COPIED_SECRET";
var base64Key = TextEncodings.Base64.Encode(TextEncodings.Base64Url.Decode(auth0ClientSecret));
// note: I have also tried base64Key = TextEncodings.Base64Url.Decode(auth0ClientSecret) and this does not work either
app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
AllowedAudiences = new] { auth0ClientId },
IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider]
{
new SymmetricKeyIssuerSecurityTokenProvider(
domain,
base64Key)
},
});
}
No matter what, I attempt to log in and it fails.
I’ll sign in via postman by using the followowing:
URL: https://MY_DOMAIN.auth0.com/oauth/ro
Method: POST
Body: {
"client_id": "MY_COPIED_CLIENT_ID",
"connection": "Username-Password-Authentication",
"username": "THE_USER@gmail.com",
"password": "*********",
"scope": "openid user_metadata scope"
}
I’ll try to hit the service by doing the following:
URL: http://localhost:53629/api/me/user
Method: GET
Headers:
Authorization: Bearer *received token id*
Content-Type: application/json
Accept: application/json
My tokenid is valid, and does have the proper payload:
{
"user_metadata": {
"edit-news": "write",
"role": "admin"
},
"iss": "https://MY_DOMAIN.auth0.com/",
"sub": "auth0|57d466cd42c0a9fe799ec97a",
"aud": "AUTH_0_CLIENT_ID",
"exp": 1493779997,
"iat": 1493743997
}
My response is always the same:
{
"message": "Authorization has been denied for this request."
}
Every time I run this, nothing happens and it’s driving me crazy. I love this tool, and we use it work, but for some reason, I am struggling when it comes to setting this up with a personal project. I’m at the point where I started a new web api project just to see if I could get this working with hopes of transferring it the actual project. I have even updated the secret to a new key via the dashboard in hopes of that fixing something.
This is the end point I’m hitting:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web;
using System.Web.Http;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin.Security;
using Owin;
using WebApplication3.Models;
namespace WebApplication3.Controllers
{
[Authorize]
public class MeController : ApiController
{
public MeController()
{
}
[Authorize]
[HttpGet]
[Route("user")]
public async Task<IHttpActionResult> GetUser()
{
var claimsIdentity = User.Identity as ClaimsIdentity;
// Extract tokens
string accessToken = claimsIdentity?.Claims.FirstOrDefault(c => c.Type == "access_token")?.Value;
string idToken = claimsIdentity?.Claims.FirstOrDefault(c => c.Type == "id_token")?.Value;
string refreshToken = claimsIdentity?.Claims.FirstOrDefault(c => c.Type == "refresh_token")?.Value;
return await Task.FromResult(Ok(new { accessToken, idToken, refreshToken }));
}
}
}
In the end, all I want is to be able to see the Bearer token in action
Also, this is the package config It’s a default of everything.
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="Antlr" version="3.4.1.9004" targetFramework="net462" />
<package id="bootstrap" version="3.0.0" targetFramework="net462" />
<package id="EntityFramework" version="6.1.3" targetFramework="net462" />
<package id="jQuery" version="1.10.2" targetFramework="net462" />
<package id="Knockout.Validation" version="1.0.1" targetFramework="net462" />
<package id="knockoutjs" version="2.3.0" targetFramework="net462" />
<package id="Microsoft.AspNet.Identity.Core" version="2.2.1" targetFramework="net462" />
<package id="Microsoft.AspNet.Identity.EntityFramework" version="2.2.1" targetFramework="net462" />
<package id="Microsoft.AspNet.Identity.Owin" version="2.2.1" targetFramework="net462" />
<package id="Microsoft.AspNet.Mvc" version="5.2.3" targetFramework="net462" />
<package id="Microsoft.AspNet.Razor" version="3.2.3" targetFramework="net462" />
<package id="Microsoft.AspNet.Web.Optimization" version="1.1.3" targetFramework="net462" />
<package id="Microsoft.AspNet.WebApi" version="5.2.3" targetFramework="net462" />
<package id="Microsoft.AspNet.WebApi.Client" version="5.2.3" targetFramework="net462" />
<package id="Microsoft.AspNet.WebApi.Core" version="5.2.3" targetFramework="net462" />
<package id="Microsoft.AspNet.WebApi.HelpPage" version="5.2.3" targetFramework="net462" />
<package id="Microsoft.AspNet.WebApi.Owin" version="5.2.3" targetFramework="net462" />
<package id="Microsoft.AspNet.WebApi.WebHost" version="5.2.3" targetFramework="net462" />
<package id="Microsoft.AspNet.WebPages" version="3.2.3" targetFramework="net462" />
<package id="Microsoft.CodeDom.Providers.DotNetCompilerPlatform" version="1.0.0" targetFramework="net462" />
<package id="Microsoft.Net.Compilers" version="1.0.0" targetFramework="net462" developmentDependency="true" />
<package id="Microsoft.Owin" version="3.1.0" targetFramework="net462" />
<package id="Microsoft.Owin.Host.SystemWeb" version="3.0.1" targetFramework="net462" />
<package id="Microsoft.Owin.Security" version="3.1.0" targetFramework="net462" />
<package id="Microsoft.Owin.Security.Cookies" version="3.0.1" targetFramework="net462" />
<package id="Microsoft.Owin.Security.Facebook" version="3.0.1" targetFramework="net462" />
<package id="Microsoft.Owin.Security.Google" version="3.0.1" targetFramework="net462" />
<package id="Microsoft.Owin.Security.Jwt" version="3.1.0" targetFramework="net462" />
<package id="Microsoft.Owin.Security.MicrosoftAccount" version="3.0.1" targetFramework="net462" />
<package id="Microsoft.Owin.Security.OAuth" version="3.1.0" targetFramework="net462" />
<package id="Microsoft.Owin.Security.Twitter" version="3.0.1" targetFramework="net462" />
<package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net462" />
<package id="Modernizr" version="2.6.2" targetFramework="net462" />
<package id="Newtonsoft.Json" version="7.0.1" targetFramework="net462" />
<package id="Owin" version="1.0" targetFramework="net462" />
<package id="Respond" version="1.2.0" targetFramework="net462" />
<package id="Sammy.js" version="0.7.4" targetFramework="net462" />
<package id="System.IdentityModel.Tokens.Jwt" version="4.0.0" targetFramework="net462" />
<package id="WebGrease" version="1.5.2" targetFramework="net462" />
</packages>
Any help is greatly appreciated.
Thanks,
Kelly