
I'm using Azure AD to register my client web app and my web API

app registrations

API ID

scope

I grant access to my client web app

grant access

To test this I obtain an access token like this

https://login.microsoftonline.com/tenantId/oauth2/v2.0/authorize?response_type=code&client_id=webapppclientId&redirect_uri=http://localhost:4200/signin-oidc&scope=openid

This gets me a code

code

Now I get the access token

access token

But when I try this call to my secured controller

error bad request

In my web API I have this in appsettings.json

"AzureAd": {
  "Authority": "https://login.microsoftonline.com/tenantID",
  "Audience": "https://fulcrum.es/planificadorAPI"
}

In Startup.cs

public void ConfigureServices(IServiceCollection services)
{
    services
        .AddAuthentication(options =>
        {
            options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        // Binds the "AzureAd" section (Authority, Audience) onto JwtBearerOptions
        .AddJwtBearer(options => Configuration.Bind("AzureAd", options));
}


public void Configure(IApplicationBuilder app, IHostingEnvironment env)
  {
      if (env.IsDevelopment())
      {
            app
                .UseDeveloperExceptionPage();
      }

      app
          .Map("/api", api =>
          {
              api.UseCors(policy =>
              {
                      policy.AllowAnyHeader();
                      policy.AllowAnyMethod();
                      policy.AllowAnyOrigin();
              })
              .UseAuthentication()
              .UseMvc();
          })
          .Run(context => context.Response.WriteAsync("FysegPlanner webAPI started"));
  }

In Controller

namespace api.Controllers
{
 [Authorize]
 [Route("proyectos")]

[HttpGet]
[Route("")]
public async Task<IActionResult> Get()
{
    var getAllResponse = await mediator.Send(new ListAll());
    return Ok(getAllResponse);
}

Any idea, please?

Thanks

kintela
  • Can you share the GET method? – Anuraj Mar 30 '22 at 08:50
  • @Anuraj done. Without [Authorize] works fine – kintela Mar 30 '22 at 10:23
  • It seems you use the AAD configuration to generate the JWT token? Then why are you not configuring `options.TokenValidationParameters` for the JWT? I saw you just use options in your code. – Rena Mar 31 '22 at 05:36
  • @Rena because I don't know what to do with that parameter. When I test this from my web client app in Angular instead of Postman I get Bearer error="invalid_token", error_description="The signature is invalid". So I don't know where the problem is – kintela Mar 31 '22 at 07:15
  • Here is a whole working demo about how to use JWT authentication. Refer to: https://stackoverflow.com/a/65228648/11398810. – Rena Mar 31 '22 at 07:23
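
When a bearer token is rejected as in this thread, a useful first check is to read the claims the token actually carries and compare `aud` with the `Audience` value the API is configured with. The script below is an added example, not code from the thread: the function names and the sample tokens are constructed for illustration, and it only decodes the token for debugging (the signature is not verified).

```python
import base64
import json

API_AUDIENCE = "https://fulcrum.es/planificadorAPI"  # "Audience" from appsettings.json in the question


def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def inspect_token(token, expected_audience):
    """Return the header/claim values relevant to bearer validation.

    Debugging aid only: nothing here verifies the signature.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    header, payload = b64url_json(parts[0]), b64url_json(parts[1])
    aud = payload.get("aud")
    # 'aud' may be a single string or a list of strings
    audiences = aud if isinstance(aud, list) else [aud]
    return {
        "alg": header.get("alg"),
        "kid": header.get("kid"),
        "iss": payload.get("iss"),
        "aud": aud,
        "scp": payload.get("scp"),
        "audience_matches": expected_audience in audiences,
    }


def make_sample(aud):
    """Build a constructed token with a fake signature, for the demo only."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header = {"typ": "JWT", "alg": "RS256", "kid": "constructed-key-id"}
    payload = {"iss": "constructed-issuer", "aud": aud, "scp": "constructed.scope"}
    return f"{enc(header)}.{enc(payload)}.c2ln"


if __name__ == "__main__":
    for aud in (API_AUDIENCE, "constructed-other-resource"):
        print(inspect_token(make_sample(aud), API_AUDIENCE))
```

Paste a real token in place of `make_sample(...)` only on a machine you trust, since an access token is a credential.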

0 Answers