search

dotnet / aspnetcore

ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.
https://asp.net
MIT License
35.44k stars 10.02k forks source link

Misleading error message when an Authorization Handler is not registered #21607

Open ADH-LukeBollam opened 4 years ago

ADH-LukeBollam commented 4 years ago

Describe the bug

The error message provided when Authorization failed due to a Handler not being registered is currently: info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2] Authorization failed. info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[13] AuthenticationScheme: Bearer was forbidden. This suggests there is something wrong with the Bearer Token provided, the Authentication scheme, or the default Authorization (ie. not signed in / bearer token is missing). It's especially confusing when you aren't using the [Authorize] tag at all.

The error message would be far more useful if it at least logged the usual "Dependency [HandlerName] could not be resolved" like other missing dependency errors, though maybe throwing an exception is applicable here too. The current error message is sending programmers down a rabbit hole unrelated to the actual issue.

To Reproduce

Use the code from this sample and remove: services.AddSingleton<IAuthorizationHandler, MinimumAgeAuthorizationHandler>(); from Startup.cs. Try to access methods in the HomeController.

Further technical details

Runtime Environment: OS Name: Windows OS Version: 10.0.18362 OS Platform: Windows RID: win10-x64 Base Path: C:\Program Files\dotnet\sdk\3.1.101\

Host (useful for support): Version: 3.1.1 Commit: a1388f194c

.NET Core SDKs installed: 3.0.100 [C:\Program Files\dotnet\sdk] 3.1.101 [C:\Program Files\dotnet\sdk]

.NET Core runtimes installed: Microsoft.AspNetCore.All 2.1.13 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.App 2.1.13 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 3.0.0 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 3.1.1 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.NETCore.App 2.0.7 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.13 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 3.0.0 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 3.1.1 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.WindowsDesktop.App 3.0.0 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App] Microsoft.WindowsDesktop.App 3.1.1 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]

analogrelay commented 4 years ago

Triage: We could probably do something to improve logging here.