When using iis run the project the 401 error handled in program.cs is not working(works in localhost
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = true,
ValidateAudience = true,
ValidAudience = configuration["JWT:ValidAudience"],
ValidIssuer = configuration["JWT:ValidIssuer"],
IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(configuration["JWT:Secret"])),
ValidateIssuerSigningKey = true,
};
options.Events = new JwtBearerEvents
{
OnChallenge = context =>
{
context.HandleResponse();
context.Response.OnStarting(async () =>
{
// Write to the response based on token expiration
var token = context.Request.Headers["Authorization"].ToString().Replace("Bearer ", "");
if (IsTokenExpired(token))
{
context.Response.StatusCode = StatusCodes.Status401Unauthorized;
context.Response.ContentType = "application/json"; // Set the content type to JSON
var response = new Response
{
Message = "Your token has expired.",
Error = new Err
{
Type = "authorization",
Content = "The provided token is no longer valid."
},
};
await context.Response.WriteAsync(System.Text.Json.JsonSerializer.Serialize(response));
}
});
}
};
});
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = true,
ValidateAudience = true,
ValidAudience = configuration["JWT:ValidAudience"],
ValidIssuer = configuration["JWT:ValidIssuer"],
IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(configuration["JWT:Secret"])),
ValidateIssuerSigningKey = true,
};
options.Events = new JwtBearerEvents
{
OnChallenge = context =>
{
context.HandleResponse();
context.Response.OnStarting(async () =>
{
// Write to the response based on token expiration
var token = context.Request.Headers["Authorization"].ToString().Replace("Bearer ", "");
if (IsTokenExpired(token))
{
context.Response.StatusCode = StatusCodes.Status401Unauthorized;
context.Response.ContentType = "application/json"; // Set the content type to JSON
var response = new Response
{
Message = "Your token has expired.",
Error = new Err
{
Type = "authorization",
Content = "The provided token is no longer valid."
},
};
await context.Response.WriteAsync(System.Text.Json.JsonSerializer.Serialize(response));
}
});
}
};
});
2 Replies
Unknown User•3mo ago
Message Not Public
Sign In & Join Server To View
@TeBeCo Sorry what is "all that"?