Azazel
Azazel
PostsComments
CC#
Created by Azazel on 11/20/2023 in #help
Invalidate JWT-Tokens on logout and password change.
I have an ASP.net Web api that handles user interaction. For authentification I use JWT Tokens. I realize that these tokens are only a way to confirm claims and do not carry states in any way. I want to give uses the ability to log out, i.e invalid tokens and change thier password. I do not like the approach of storing the password hash in the token as it can be read. Also I have no clue if it would make sense to use a table for invalidated tokens and how I would go about implementing that feature. If you have any input or pointers I could use to help me it would be greatly appreciated. : )
17 replies
CC#
Created by Azazel on 11/10/2023 in #help
❔ Error with showing Images in Azure App Service.
Using Asp.net and Azure Blob Storage and Azure App Service: When I run my API locally on my computer I can receive Images. even if they have slashes, indicating that they are part of a directory: 
profileImages/TestUser1/381d4432-2e23-4db5-8b77-b68503c09cea
profileImages/TestUser1/381d4432-2e23-4db5-8b77-b68503c09cea
the same code and the same request fails to run when my API is published to the App service. Instead I get a 404 when trying to request Images with slashes (like the one on top). Images that do not have backslashes in the name instead work normally tho. the endpoint that retrieves the images is the following. 
[HttpGet("{fileName}")]
public async Task<IActionResult> Download(string fileName)
{
    fileName = System.Net.WebUtility.UrlDecode(fileName);

    BusinessLogicMessage<BlobDownloadResult> result = await _filesService.GetBlobAsync(fileName);

    if (result.StatusEnum == BusinessLogicStatus.Failure)
    {
        return BadRequest(result);
    }

    BlobDownloadResult blobInfo = result.Result!;

    return File(blobInfo.Content.ToArray(), blobInfo.Details.ContentType);
}
[HttpGet("{fileName}")]
public async Task<IActionResult> Download(string fileName)
{
    fileName = System.Net.WebUtility.UrlDecode(fileName);

    BusinessLogicMessage<BlobDownloadResult> result = await _filesService.GetBlobAsync(fileName);

    if (result.StatusEnum == BusinessLogicStatus.Failure)
    {
        return BadRequest(result);
    }

    BlobDownloadResult blobInfo = result.Result!;

    return File(blobInfo.Content.ToArray(), blobInfo.Details.ContentType);
}
I suspect that, because the directory symbol is the same as a web-directory, my API fails to show the image. I do not believe that loading the actual image from blob storage is the problem, as images without slashes load normally. Also if I type in a random name of an image that does not exist I explicitly get a Bad Request stating that the image does not exist, instead of a 404. Any ideas why that behavior may happen?
362 replies
CC#
Created by Azazel on 9/3/2023 in #help
❔ Cant seem to publish my C# Asp.net Core 6 Web API to Azure.
Guys im trying to publish my .Net Core 6 web api to Azure but I keep getting the same Exception 
Failed to generate swagger file. Error dotnet swagger tofile --serializeasv2 --output "C:\Users\MYNAME\source\repos\REPONAME\bin\Release\net6.0\swagger.json" "C:\Users\MYNAME\source\repos\REPONAME\bin\Release\net6.0\TourGuideApi.dll" v1

Unhandled exception. System.IO.FileLoadException: Could not load file or assembly 'System.Runtime, Version=7.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The located assembly's manifest definition does not match the assembly reference. (0x80131040)
File name: 'System.Runtime, Version=7.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'
Be sure that the Startup.cs for your application is calling AddSwaggerGen from within ConfigureServices in order to generate swagger file. Visit https://go.microsoft.com/fwlink/?LinkId=2131205&CLCID=0x409 for more information.
Failed to generate swagger file. Error dotnet swagger tofile --serializeasv2 --output "C:\Users\MYNAME\source\repos\REPONAME\bin\Release\net6.0\swagger.json" "C:\Users\MYNAME\source\repos\REPONAME\bin\Release\net6.0\TourGuideApi.dll" v1

Unhandled exception. System.IO.FileLoadException: Could not load file or assembly 'System.Runtime, Version=7.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The located assembly's manifest definition does not match the assembly reference. (0x80131040)
File name: 'System.Runtime, Version=7.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'
Be sure that the Startup.cs for your application is calling AddSwaggerGen from within ConfigureServices in order to generate swagger file. Visit https://go.microsoft.com/fwlink/?LinkId=2131205&CLCID=0x409 for more information.
When publishing I get an error Prompt (probably because of the exception) that tells me to add AddSwaggerGen to my ConfigureServices. Ive done that and its not in an if statement. 
Publish has encountered an error.
Be sure that the Startup.cs for your application is calling AddSwaggerGen from within ConfigureServices in order to generate swagger file. Visit https://go.microsoft.com/fwlink/?LinkId=2131205&CLCID=0x409 for more information.

A diagnostic log has been written to the following location:
"C:\Users\MYNAME\AppData\Local\Temp\tmpC865.tmp
Publish has encountered an error.
Be sure that the Startup.cs for your application is calling AddSwaggerGen from within ConfigureServices in order to generate swagger file. Visit https://go.microsoft.com/fwlink/?LinkId=2131205&CLCID=0x409 for more information.

A diagnostic log has been written to the following location:
"C:\Users\MYNAME\AppData\Local\Temp\tmpC865.tmp
My Startup.cs looks like this: 
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using System.Text;
using MYPROJECT.Auth;

var builder = WebApplication.CreateBuilder(args);
ConfigurationManager configuration = builder.Configuration;

// Add services to the container.

// For Entity Framework
builder.Services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(configuration.GetConnectionString("ConnStr")));

// For Identity
builder.Services.AddIdentity<IdentityUser, IdentityRole>()
    .AddEntityFrameworkStores<ApplicationDbContext>()
    .AddDefaultTokenProviders();

// Adding Authentication
builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})

// Adding Jwt Bearer
.AddJwtBearer(options =>
{
    options.SaveToken = true;
    options.RequireHttpsMetadata = false;
    options.TokenValidationParameters = new TokenValidationParameters()
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidAudience = configuration["JWT:ValidAudience"],
        ValidIssuer = configuration["JWT:ValidIssuer"],
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["JWT:Secret"]))
    };
});

builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

var app = builder.Build();

// Configure the HTTP request pipeline.
app.UseSwagger();
app.UseSwaggerUI();

app.UseHttpsRedirection();

// Authentication & Authorization
app.UseAuthentication();
app.UseAuthorization();

app.MapControllers();

app.Run();
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using System.Text;
using MYPROJECT.Auth;

var builder = WebApplication.CreateBuilder(args);
ConfigurationManager configuration = builder.Configuration;

// Add services to the container.

// For Entity Framework
builder.Services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(configuration.GetConnectionString("ConnStr")));

// For Identity
builder.Services.AddIdentity<IdentityUser, IdentityRole>()
    .AddEntityFrameworkStores<ApplicationDbContext>()
    .AddDefaultTokenProviders();

// Adding Authentication
builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})

// Adding Jwt Bearer
.AddJwtBearer(options =>
{
    options.SaveToken = true;
    options.RequireHttpsMetadata = false;
    options.TokenValidationParameters = new TokenValidationParameters()
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidAudience = configuration["JWT:ValidAudience"],
        ValidIssuer = configuration["JWT:ValidIssuer"],
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["JWT:Secret"]))
    };
});

builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

var app = builder.Build();

// Configure the HTTP request pipeline.
app.UseSwagger();
app.UseSwaggerUI();

app.UseHttpsRedirection();

// Authentication & Authorization
app.UseAuthentication();
app.UseAuthorization();

app.MapControllers();

app.Run();
6 replies