C#•2y ago

❔ Authorize attribute automatically triggering oauth scheme

Hi all. I have a login endpoint that I want to call that will trigger my authenication scheme like so:

    [HttpGet]
    [Route("login")]
    [AllowAnonymous]
    public async Task Login()
    {
      await HttpContext.ChallengeAsync(
        RedditAuthenticationDefaults.AuthenticationScheme, new AuthenticationProperties()
        {
          RedirectUri = "https://localhost:7109/api/Accounts/register"
        });
    }

    [HttpGet]
    [Route("login")]
    [AllowAnonymous]
    public async Task Login()
    {
      await HttpContext.ChallengeAsync(
        RedditAuthenticationDefaults.AuthenticationScheme, new AuthenticationProperties()
        {
          RedirectUri = "https://localhost:7109/api/Accounts/register"
        });
    }

I also have another endpoint, register , which has an [Authorize] attribute. I want to test that visiting the Register controller before being authenticated returns an error code, but instead it automatically triggers a challenge to my auth provider, which isn't the intended behaviour I would like. I want users only to be able to authenticate using the login end point. Is there a way to override this behaviour?

    [HttpGet]
    [Route("register")]
    [Authorize]
    public async Task Register()
    {
      // controller logic
    }

    [HttpGet]
    [Route("register")]
    [Authorize]
    public async Task Register()
    {
      // controller logic
    }

1 Reply

Accord•2y ago

Looks like nothing has happened here. I will mark this as stale and this post will be archived until there is new activity.

Gaming

Programming

❔ Authorize attribute automatically triggering oauth scheme