search

dotnet / core

.NET news, announcements, release notes, and more!
https://dot.net
MIT License
20.96k stars 4.91k forks source link

.net5pv8 - Win32Exception when calling windows-auth-API from blazor page #5132

Closed tecxx closed 4 years ago

tecxx commented 4 years ago

Issue Title

in .net5, when calling a windows-auth-based API from a blazor page results in Win32Exception: the token supplied to the function is invalid, while in .net 3.1 the same call works fine.

General

.net SDK 5.0.100-preview.8.20417.9 vstudio 2019 preview 2 win10 latest, iis express

i have a fairly simple test app to showcase this error:

index.razor (a blazor page to trigger an API request)

@page "/"

<h1>impersonation test</h1>
<button @onclick="doItHttps">test https</button>

@code{ 
    private void doItHttps()
    {
        string pichtmlsource = "https://localhost:44313/api/Image/9f3b4a7c-0d5f-41c5-aa92-b28b7aa80bf6";

        using (System.Net.WebClient client = new System.Net.WebClient())
        {
            client.UseDefaultCredentials = true;
            client.DownloadFile(new Uri(pichtmlsource), @"c:\temp\image.png");
        }
    }
}

ImageController.cs (API handler)

namespace imagetest
{
    [Route("api/[controller]")]
    [ApiController]
    public class ImageController : ControllerBase
    {
        [HttpGet("{guid}")]
        public async Task<ActionResult> Get(Guid guid)
        {
            return NotFound();  // breakpoint here
        }

    }
}

what is happening?

run the project. access the api with a browser on https://localhost:44313/api/Image/9f3b4a7c-0d5f-41c5-aa92-b28b7aa80bf6 this works fine, the controller method is called correctly, verified with a breakpoint in debug mode.

now click the test https button in the blazor page -> you get an exception "Win32Exception: The token supplied to the function is invalid"

image

when running the same test with .net core 3.1 as target framework, the call succeeds without problem, verified with a breakpoint:

image

additionally, it seems that switching to http instead of https also gets rid of this issue. so this seems to be only happening with https calls and .net 5 preview.

tecxx commented 4 years ago

i could not reproduce this with .net5 RC1 will try some more but this can probably be considered as "fixed"

carlossanlop commented 4 years ago

Thanks for testing in RC1.