Addition of BearerToken Authorization Header in DelegatingHandler ASP.NET Web API

Question

Why if I add authorization header with right token in my custom DelegatingHandler to the request without this header, I get the response: 401 authorization required?

public class ProxyHandler : DelegatingHandler
{
   protected async override Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken cancellationToken)
   {
        request.Headers.Add("Authorization", "Bearer rightToken...");
        return response = await base.SendAsync(request, cancellationToken);
    }
}

If I send the request from postman with the same authorization header, I got 200 OK.

I do not understand the first paragraph. Maybe you can re-phrase it as a question and make your sentences shorter for better understanding. — Matthias, Sep 14 '15 at 12:51
Can you also show the complete code sample that uses your `DelegatingHandler`? — Brendan Green, Sep 15 '15 at 05:26
I have added ProxyHandler.cs in WebApiConfig.cs (config.MessageHandlers.Add(new ProxyHandler());) — paulka, Sep 15 '15 at 05:29

score 0 · Answer 1 · answered Sep 15 '15 at 08:24

I found the answer. The method AuthenticateCoreAsync from OAuthBearerAuthenticationHandler.cs class was fired before my ProxyHandler. After I have changed AuthenticationMode in OAuthBearerAuthenticationOptions from Active to Passive, request token in header is being checked after method base.SendAsync(request, cancellationToken) from my ProxyHandler is fired.

Addition of BearerToken Authorization Header in DelegatingHandler ASP.NET Web API

1 Answers1