Closed j-bore closed 8 years ago
Not sure. Can you investigate why in OWIN/Katana there would be a difference between those two lines of code?
Are you sure you want to use a header called Authentication
instead of Authorization
?
Good point! Once again I was being stupid. I got that header from frontend and didn't think about it. Using authorization everything works. And surely that is the header that should be used.
Hi
I've have had a long fight trying to get accesstoken validation to work in webapi 4.6.1 / OWIN / Autofac combination. Problem was that I couldn't get claims. I also opened a question in Stackoverflow (http://stackoverflow.com/questions/38712088/protecting-webapi-with-identityserver-and-autofac-cant-get-claims) since I couldn't find any real-life sample on this setup.
After debugging I found out that problem was in IdentityServerBearerTokenValidationMiddleware -class in GetTokenAsync. Fo some reason following line didn't work.
When I changed it to following, everything worked.
This is so crucial part of the library I find it hard to believe it's a bug - it must be something related to my setup. I just wanted to let you know in case somebody understands why this happens and can it be prevented somehow.