Web Api Controllers Request.GetOwinContext() returns null when using this package

IdentityServer / IdentityServer3.AccessTokenValidation

OWIN Middleware to validate access tokens from IdentityServer3

Apache License 2.0

91 stars 149 forks source link

Web Api Controllers Request.GetOwinContext() returns null when using this package #109

Closed tstone84 closed 7 years ago

tstone84 commented 7 years ago

I am using this package in conjunction with IdentityServer3. When I add an Authorize attribute to my controller I can successfully get the User through the User on the controller, however, the Request.GetOwinContext() return null. This normally wouldn't be a major issue, however, it causes issues when working with other packages for ResourceAuthorization (Thinktecture.IdentityModel), which uses Request.GetOwinContext() within many of it's methods.

Am I missing some configuration or is this just a bug?

CrescentFresh commented 7 years ago

FWIW I cannot reproduce, Tried with the usual accesstoken authentication setup and this controller code:

[Authorize]
[RoutePrefix("")]
public class DefaultController : ApiController
{
    [HttpGet]
    [Route("")]
    public IHttpActionResult Index()
    {
        var ctx = Request.GetOwinContext();

        return Ok(ctx.Authentication.User.Identity.Name);
    }
}

No error.

tstone84 commented 7 years ago

@CrescentFresh You would need to be using Thinktecture.IdentityModel ResourceAuthorization package. I ended up just implementing my own custom Authorize attribute and got it working by simply pulling the Principal off of the request context.

CrescentFresh commented 7 years ago

Your issue description is off-base then.

As it's stated, "I am using this package... When I add an Authorize attribute to my controller ... the Request.GetOwinContext() return null". This is false as my example shows.

If there is a problem with Thinktecture.IdentityModel.ResourceAuthorize you should open a ticket in that package's issue tracker.

tstone84 commented 7 years ago

@CrescentFresh It has been a while since I placed this issue here and I'm fairly certain it is not off-base because at the time I was having that issue. Just because you can get a controller working and pasting that code here doesn't mean a lot. You may have different nuget packages installed, different config, etc. Again, it's been so long since I placed this issue here that I've moved past this which my own solution.

CrescentFresh commented 7 years ago

Relax, I said your issue description is off-base. I'm sure you have real code that is broken.

I was just clarifying for others that the description in the original ticket does not match your follow-up comment describing the problem as it lies in ResourceAuthorization.

brockallen commented 7 years ago

Sorry, not sure, but since you have a workaround we'll close.