IdentityServer / IdentityServer3.AccessTokenValidation

OWIN Middleware to validate access tokens from IdentityServer3
Apache License 2.0

401 While using IdentityServer and the protected WebApi in the same app #159

Open marzoukali opened 6 years ago

marzoukali commented 6 years ago

Here's my startup.cs:

    using System;
    using System.IO;
    using System.Security.Cryptography.X509Certificates;
    using System.Web.Http;
    using System.Web.Mvc;
    using IdentityServer3.AccessTokenValidation;
    using Owin;

    public partial class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            // Configure IdSrv before any Autofac DI registration
            app.ConfigureIdentityServer();

            // Configure WebApi, MVC, with Autofac
            var httpConfig = new HttpConfiguration();
            FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
            WebApiConfig.Register(httpConfig);
            SwaggerConfig.Register(httpConfig);

            // Configure WebApi to be a scope of the IdSrv that protects it.
            app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
            {
                Authority = ConfigMngr.GetAppSettingsValue<string>("IdSrv:PublicOrigin"),
                RequiredScopes = new[] { "BS.APIs" },
                // We use the line below because the WebApis and IdentityServer are hosted in the same web app.
                DelayLoadMetadata = true,
                // The 2 lines below are used for JWT (local) validation
                //IssuerName = "https://bsidentity.local/identity/",
                //SigningCertificate = LoadWebApiCertificate(),
                ClientId = "42fae5e007ad",
                ClientSecret = "a7c4c3c14003",
                EnableValidationResultCache = false,
                ValidationMode = ValidationMode.ValidationEndpoint,
            });

            app.UseWebApi(httpConfig);

            ConfigureIOC(app, httpConfig);
            app.UseAutofacMvc();
            app.UseAutofacWebApi(httpConfig);
        }

        /// <summary>
        /// Load the certificate that signs the identity or JWT token
        /// </summary>
        private static X509Certificate2 LoadWebApiCertificate()
        {
            //TODO: We need to create our own self-signed certificate.
            string baseDirectory = AppDomain.CurrentDomain.BaseDirectory;
            return new X509Certificate2(
                Path.Combine(baseDirectory, ConfigMngr.GetAppSettingsValue<string>("IdSrv:SigningCertificatePath")),
                ConfigMngr.GetAppSettingsValue<string>("IdSrv:SigningCertificatePassword"));
        }
    }

I tried a lot of solutions like:

I want a way to find out the exact reason behind the 401 Unauthorized. I think AccessTokenValidation didn't trigger at all? Is it an issue with Autofac, or with an incompatible NuGet library version between projects (for example IdentityModel and AccessTokenValidation)? I checked most of the questions, configurations and documentation, and the issue still exists.

Are there any suggestions, please?
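The question above is essentially "did the validation middleware run, and what did it decide?". One way to answer that from inside the pipeline, as an added example that is not part of the original issue or of IdentityServer3.AccessTokenValidation, is a small OWIN middleware that wraps the bearer-token middleware: it records whether an `Authorization: Bearer` header arrived, and after the rest of the pipeline has run, whether a principal was established and what status code went back. Everything here is standard Katana (`Owin`, `Microsoft.Owin`); the class name `Bearer401Diagnostics`, the `UseBearerDiagnostics` extension method and the use of `System.Diagnostics.Trace` as the output sink are this example's own choices.

```csharp
// Added diagnostic example; not code from the issue reporter or from the library.
// Register it in Startup immediately BEFORE app.UseIdentityServerBearerTokenAuthentication(...)
// so that the code after "await next()" observes the outcome of token validation.
using System;
using System.Diagnostics;
using System.Threading.Tasks;
using Microsoft.Owin;
using Owin;

public static class Bearer401Diagnostics
{
    public static IAppBuilder UseBearerDiagnostics(this IAppBuilder app)
    {
        return app.Use(async (IOwinContext ctx, Func<Task> next) =>
        {
            // Inbound: classify the Authorization header without logging the token itself.
            var kind = DescribeAuthorizationHeader(ctx.Request.Headers.Get("Authorization"));
            Trace.WriteLine(string.Format("[bearer-diag] -> {0} {1} authorization={2}",
                ctx.Request.Method, ctx.Request.Path, kind));

            await next();

            // Outbound: did any authentication middleware set a principal, and what came back?
            var identity = ctx.Authentication.User != null ? ctx.Authentication.User.Identity : null;
            var authenticated = identity != null && identity.IsAuthenticated;
            var authType = identity != null && identity.AuthenticationType != null
                ? identity.AuthenticationType : "(none)";
            var challenge = ctx.Response.Headers.Get("WWW-Authenticate") ?? "(none)";

            Trace.WriteLine(string.Format(
                "[bearer-diag] <- {0} authenticated={1} type={2} www-authenticate={3}",
                ctx.Response.StatusCode, authenticated, authType, challenge));
        });
    }

    // Pure helper so the classification can be checked on its own.
    // Returns: "missing", "scheme=<other>", "bearer-empty", "bearer-jwt(N chars)" or "bearer-reference(N chars)".
    public static string DescribeAuthorizationHeader(string header)
    {
        if (string.IsNullOrWhiteSpace(header)) return "missing";

        var parts = header.Split(new[] { ' ' }, 2, StringSplitOptions.RemoveEmptyEntries);
        if (!parts[0].Equals("Bearer", StringComparison.OrdinalIgnoreCase))
            return "scheme=" + parts[0];
        if (parts.Length < 2 || parts[1].Trim().Length == 0)
            return "bearer-empty";

        var token = parts[1].Trim();
        // Three dot-separated segments is the shape of a JWT; IdentityServer3 reference tokens are opaque.
        var segments = token.Split('.').Length;
        return segments == 3
            ? "bearer-jwt(" + token.Length + " chars)"
            : "bearer-reference(" + token.Length + " chars)";
    }
}
```

Reading the two log lines for a failing request narrows the 401 down: `authorization=missing` means the client never sent the token, so the validation middleware had nothing to do; a bearer header with `authenticated=false` means the middleware either did not run for that path or rejected the token (in `ValidationEndpoint` mode that is what a failed or unreachable validation call looks like, since the token is posted to `{Authority}/connect/accesstokenvalidation`); `authenticated=true` with a 401 points past authentication, to the Web API authorization stage or to a scope mismatch with `RequiredScopes`. Because the issue's `Authority` comes from `IdSrv:PublicOrigin` while the commented `IssuerName` is `https://bsidentity.local/identity/`, it is worth confirming that the configured Authority includes the path segment IdentityServer is mapped under; this example only reports what happened, it does not assert that is the cause.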