C
C#5w ago
SirCypkowskyy

Bearer token is not used by Swagger for endpoints with [authorize], but used for [AllowAnonymous]

Hey! Yesterday while working on a project for university I encountered a strange bug, which can be seen in the screens below: - When an endpoint is marked with the [Authorize] attribute, even if a Bearer Token is specified in Swagger, this Token will not be used in the execution of the request. - If we use the [AllowAnonymous] attribute instead of [Authorize], the Bearer Token will be sent in the request. The described behaviour can be seen in the screenshots. Does anyone know what might be generating it? And how can I fix it?
No description
No description
No description
No description
No description
4 Replies
SirCypkowskyy
SirCypkowskyy5w ago
my Program.cs

message.txt

SirCypkowskyy
SirCypkowskyy5w ago
endpoint in UserController.cs 
 /// <summary>
    /// Zwraca informacje o zalogowanym użytkowniku
    /// </summary>
    /// <returns>
    /// Informacje o zalogowanym użytkowniku
    /// </returns>
    [HttpGet("auth/self")]
    // [Authorize(AuthenticationSchemes = "Bearer")]
    [AllowAnonymous]
    public async Task<IActionResult> GetSelfInfoAsync()
    {
        var user = User;
        var claims = user.Claims;
        
        _logger.LogInformation("User {Username} requested self info", user.FindFirstValue(ClaimTypes.Name));
        _logger.LogDebug("User {Username} requested self info with claims: {Claims}", user.FindFirstValue(ClaimTypes.Name), claims);
        
        var userId = user.FindFirstValue(ClaimTypes.NameIdentifier) ?? throw new UnauthorizedAccessException("User not found");
        var userIdAsGuid = Guid.Parse(userId);
        
        return Ok(new UserJwtInfoResponseDTO()
        {
            Username = user.FindFirstValue(ClaimTypes.Name),
            Email = user.FindFirstValue(ClaimTypes.Email),
            Role = user.FindFirstValue(ClaimTypes.Role)
        });
    }
 /// <summary>
    /// Zwraca informacje o zalogowanym użytkowniku
    /// </summary>
    /// <returns>
    /// Informacje o zalogowanym użytkowniku
    /// </returns>
    [HttpGet("auth/self")]
    // [Authorize(AuthenticationSchemes = "Bearer")]
    [AllowAnonymous]
    public async Task<IActionResult> GetSelfInfoAsync()
    {
        var user = User;
        var claims = user.Claims;
        
        _logger.LogInformation("User {Username} requested self info", user.FindFirstValue(ClaimTypes.Name));
        _logger.LogDebug("User {Username} requested self info with claims: {Claims}", user.FindFirstValue(ClaimTypes.Name), claims);
        
        var userId = user.FindFirstValue(ClaimTypes.NameIdentifier) ?? throw new UnauthorizedAccessException("User not found");
        var userIdAsGuid = Guid.Parse(userId);
        
        return Ok(new UserJwtInfoResponseDTO()
        {
            Username = user.FindFirstValue(ClaimTypes.Name),
            Email = user.FindFirstValue(ClaimTypes.Email),
            Role = user.FindFirstValue(ClaimTypes.Role)
        });
    }
SirCypkowskyy
SirCypkowskyy5w ago
Nevermind, I found the reason why it didn't work. For some reason, adding opts.OperationFilter<SecurityRequirementsOperationFilter>(); to the Swagger config disabled attaching bearer token to the request, when it had [Authorize] attribute on itself.
No description
Unknown User
Unknown User5w ago
Message Not Public
Sign In & Join Server To View
Want results from more Discord servers?
Add your server
More Posts
cant connect to database ;-;Hi, need help connecting and making tables, not sure why i cant see the new query buttonRefresh a card without refreshing the whole boardHi, For my studies we have to make a small game in MAUI; Si basically have this Matrix2D ```csharHow does tokenization work to protect sensitive data?So tokenization is basically taking an input for let's say an id 123-456-789, store the real id in dUse the ms print to pdf printer to re-print a pdf fileHello. I'm trying to make a program to re-generate a PDF file by using the Microsoft print to PDF prI finished a 4 hour tutorial on c#, how do I do to progress in the language from now?Am I still considered a beginner? And what can I do to learn more about the language? Also when do IHow can i ref in a lambdaI want that the you can overgive a float value in this method which by running the action will overwTrouble implementing IdentityHi so basically, I'm making a asp .net core web app and i want to use JWT and Identity (cause i hearEntity DB object with immutable variablesHello there. I am kind of new to C# and I am doing a project about some database management systemuse parameter from a class of type form in another formI have a user class with different parameters. I make instances and use them in a form class to storHello im repairing an old mod from Risk of Rain 2 and need help.``` using BepInEx; using R2API; using RoR2; using System.Runtime.InteropServices; using System.Text.