
I have applied a tutorial and created an ASP.NET Core web API authentication application.

Everything is fine and running perfectly, but if I pass the wrong authorization key it does not return anything.

I tried the code below to test, but I am not getting the context delegate.

    x.Events.OnChallenge = context =>
    {
        // Skip the default logic.
        context.HandleResponse();

        var payload = new JObject
        {
            ["error"] = context.Error,
            ["error_description"] = context.ErrorDescription,
            ["error_uri"] = context.ErrorUri
        };

        return context.Response.WriteAsync(payload.ToString());
    };

I also want to set a custom error return code for the wrong authorization, so any help would be appreciated.

Thanks in advance.

My configuration services code is:

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddCors();
        services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

        // configure strongly typed settings objects
        var appSettingsSection = Configuration.GetSection("AppSettings");
        services.Configure<AppSettings>(appSettingsSection);

        // configure jwt authentication
        var appSettings = appSettingsSection.Get<AppSettings>();
        var key = Encoding.ASCII.GetBytes(appSettings.Secret);
        services.AddAuthentication(x =>
        {
            x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })

        .AddJwtBearer(x =>
        {
            x.RequireHttpsMetadata = false;
            x.SaveToken = true;
            x.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(key),
                ValidateIssuer = false,
                ValidateAudience = false
            };
        });

        // configure DI for application services
        services.AddScoped<IUserService, UserService>();
    }
3 rules

1 Answer


It will not work, since in the startup.cs file you would have used

    app.UseJwtBearerAuthentication(new JwtBearerOptions()
    {
        // other stuff
    });

which works with the [Authorize] data annotation on your methods and concurrently only when a valid token is passed.

Later you can extract claims and perform validation on

    HttpContext.User.Identity as ClaimsIdentity;

You can check this...if it helps link1 and link2

avg_bloke
  • I didn't get your point. Where do I have to make changes? I tried your code app.UseJwtBearerAuthentication(new JwtBearerOptions() {//other stuff} but it is not available. I only use those packages that are defined in the [tutorial](http://jasonwatmore.com/post/2018/08/14/aspnet-core-21-jwt-authentication-tutorial-with-example-api) I have given in my question. – 3 rules Feb 01 '19 at 12:50
  • Check this...if it helps [link] https://www.c-sharpcorner.com/article/jwt-json-web-token-authentication-in-asp-net-core/ and [link] https://stackoverflow.com/questions/45315274/get-claims-from-a-webapi-controller-jwt-token – avg_bloke Feb 01 '19 at 13:02
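
An added example, not part of the original question or answer: one way to return a custom status code and JSON body from the JWT bearer challenge in the `AddJwtBearer` setup shown in the question. The class name `JwtChallengeEvents`, the `missing_token` value and the body shape are assumptions made for this example; wire it in with `x.Events = JwtChallengeEvents.Create();` inside the `AddJwtBearer` lambda.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Http;
using Microsoft.Net.Http.Headers;
using Newtonsoft.Json.Linq;

// Hypothetical helper for this example (not from the tutorial or the question).
public static class JwtChallengeEvents
{
    public static JwtBearerEvents Create()
    {
        return new JwtBearerEvents
        {
            OnChallenge = context =>
            {
                // Suppress the handler's default response. From here on the
                // status code, headers and body are this delegate's job.
                context.HandleResponse();

                // The handler no longer sets 401 once the response is handled,
                // so set the status explicitly; otherwise a rejected request
                // is answered with the default 200.
                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                context.Response.ContentType = "application/json";
                context.Response.Headers[HeaderNames.WWWAuthenticate] =
                    JwtBearerDefaults.AuthenticationScheme;

                // AuthenticateFailure is set when a token was sent but failed
                // validation; it is null when no token was sent at all.
                // "missing_token" is a constructed value for this example.
                var error = context.AuthenticateFailure == null
                    ? "missing_token"
                    : "invalid_token";

                // Keep the body generic: do not echo exception text or
                // validation internals back to the caller.
                var payload = new JObject
                {
                    ["status"] = StatusCodes.Status401Unauthorized,
                    ["error"] = error
                };

                return context.Response.WriteAsync(payload.ToString());
            }
        };
    }
}
```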