ThreeMammals / Ocelot

.NET API Gateway
https://www.nuget.org/packages/Ocelot
MIT License

Ocelot with Jwt authorization doesn't forward token to endpoint #1031

Closed osueboy closed 8 months ago

osueboy commented 5 years ago

Update: Disregard this, https redirection was losing the authentication header. Everything works.

This seems to work on 2.0.2.

Hi, sorry to post a question like this, I just don't know what else to do. I've read the docs, I've read examples, nothing works.

Both configs in startup send the same data, as seen in catcherwong's examples. Everything is correct, but it seems the gateway is not forwarding the authorization header. Is there something additional I need to configure? I've been trying for a week. I've got Consul working; if I send the token to the endpoint directly it works, when I do it through the gateway it returns 401.

Expected Behavior

[Authorize] endpoint should be 200 (OK) when I pass a bearer token.

Actual Behavior

Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET http://localhost:44311/bpm application/json
Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler:Information: Successfully validated the token.
Ocelot.Errors.Middleware.ExceptionHandlerMiddleware:Debug: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: ocelot pipeline started
Ocelot.DownstreamRouteFinder.Middleware.DownstreamRouteFinderMiddleware:Debug: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: Upstream url path is /bpm
Ocelot.DownstreamRouteFinder.Middleware.DownstreamRouteFinderMiddleware:Debug: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: downstream templates are /api/values
Ocelot.RateLimit.Middleware.ClientRateLimitMiddleware:Information: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: EndpointRateLimiting is not enabled for /api/values
Ocelot.Authentication.Middleware.AuthenticationMiddleware:Information: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: /bpm is an authenticated route. AuthenticationMiddleware checking if client is authenticated
Ocelot.Authentication.Middleware.AuthenticationMiddleware:Information: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: Client has been authenticated for /bpm
Ocelot.Authorisation.Middleware.AuthorisationMiddleware:Information: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: route is authenticated scopes must be checked
Ocelot.Authorisation.Middleware.AuthorisationMiddleware:Information: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: user scopes is authorised calling next authorisation checks
Ocelot.Authorisation.Middleware.AuthorisationMiddleware:Information: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: /api/values route does not require user to be authorised
Ocelot.DownstreamUrlCreator.Middleware.DownstreamUrlCreatorMiddleware:Debug: requestId: 0HLQ6DVMBLEK9:00000004, previousRequestId: no previous request id, message: Downstream url is http://localhost:61067/api/values

Steps to Reproduce the Problem

This is the ocelot.json part:

{
  "ServiceName": "bpm",
  "UpstreamPathTemplate": "/bpm",
  "DownstreamPathTemplate": "/api/values",
  "UpstreamHttpMethod": [ "Get" ],
  "DownstreamScheme": "http",
  "LoadBalancerOptions": {
    "Type": "LeastConnection"
  },
  "AuthenticationOptions": {
    "AuthenticationProviderKey": "TestKey",
    "AllowedScopes": []
  },
  "HttpHandlerOptions": {
    "AllowAutoRedirect": true
  }
}


The endpoint:

// GET api/values
[Authorize]
[HttpGet]
public ActionResult<IEnumerable<string>> Get()
{
    return new string[] { "Success" };
}

Specifications

Version: 13.5.2

candreouTrade commented 4 years ago

Did you get this working in the end?

osueboy commented 4 years ago

Did you get this working in the end?

The problem I had seemed to be the server redirecting from http to https. If you force every call to be https it won't redirect from http to https and should work.

B6692 commented 3 years ago

Did you get this working in the end?

The problem I had seemed to be the server redirecting from http to https. If you force every call to be https it won't redirect from http to https and should work.

How can you force every call to be https and make sure bearer tokens are redirected downstream?
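For reference on the question above: the cause described in this thread is that the gateway's HttpClient follows the 301/302 from the downstream service's http listener to its https listener, and .NET's redirect handler drops the Authorization header when it follows a redirect, so the service receives the second request without the bearer token and answers 401. The fix is to make the gateway talk https to the service directly so no redirect is ever issued. The route below is an added example, not the issue author's or the Ocelot project's own configuration; it is the route posted in this issue with the two settings that matter changed: "DownstreamScheme" set to "https" so the gateway connects over TLS, and "AllowAutoRedirect" set to false so that if a downstream ever does answer with a redirect it is returned to the caller as a 3xx and shows up in the gateway logs, instead of being followed silently without the token. The service name, path templates and authentication provider key are taken from the issue; the https port comes from whatever the registered service advertises in Consul.

```json
{
  "ServiceName": "bpm",
  "UpstreamPathTemplate": "/bpm",
  "DownstreamPathTemplate": "/api/values",
  "UpstreamHttpMethod": [ "Get" ],
  "DownstreamScheme": "https",
  "LoadBalancerOptions": {
    "Type": "LeastConnection"
  },
  "AuthenticationOptions": {
    "AuthenticationProviderKey": "TestKey",
    "AllowedScopes": []
  },
  "HttpHandlerOptions": {
    "AllowAutoRedirect": false
  }
}
```

With this in place the Downstream url line in the Ocelot debug log should show an https:// address for /api/values, and a 3xx coming back from the service is a sign that the service's registered address or the scheme is still wrong. If the downstream must accept plain http from the gateway inside a trusted network instead, the redirect has to be removed on the service side (the app.UseHttpsRedirection() call in its pipeline), since the gateway cannot keep the token across a redirect it follows.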

raman-m commented 8 months ago

Oh, my gosh! :see_no_evil:

raman-m commented 8 months ago

@osueboy

Update: Disregard this, https redirection was losing the authentication header. Everything works.

Sounds like a success story! Stay with Ocelot! :tiger2: