skywalker-kiwi#02131
skywalker-kiwi#02131
Explore posts from servers
CCoder.comKKinde
PostsComments
KKinde
Created by skywalker-kiwi#02131 on 7/1/2024 in #💻┃support
Webhook Validation
Hey, I am validating my user.create webhook as per the webhooks guide, checking the id and timestamp against the api/v1/events/{event_id} endpoint, but I am getting a 403 status code response. I am using the content of the webhook (the encoded JWT) as my token for the validation. Am I doing something wrong? 
public async Task<bool> ValidateWebhook(string eventId, DateTime timestamp, string accessToken, CancellationToken cToken = default)
{
  try
  {
      ArgumentNullException.ThrowIfNullOrEmpty(nameof(eventId));
      ArgumentNullException.ThrowIfNull(nameof(timestamp));

      string endpoint = $"api/v1/events/{eventId}";
      string domain = _kindeSettings.Domain;

      string absoluteUrl = $"{domain}/{endpoint}";
      bool uriIsValid = Uri.TryCreate(absoluteUrl, UriKind.Absolute, out Uri uri);
      if (!uriIsValid) throw new Exception("The uri is not valid");
      using (HttpClient client = new HttpClient())
      {
          HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          request.Headers.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
          request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);
          cToken.ThrowIfCancellationRequested();

          HttpResponseMessage message = await client.SendAsync(request, cToken);
      }
      return true; //not yet finished
  }
  catch(Exception ex)
  {
      _logger.LogError(ex, ex.Message);
      throw;
  }
}
public async Task<bool> ValidateWebhook(string eventId, DateTime timestamp, string accessToken, CancellationToken cToken = default)
{
  try
  {
      ArgumentNullException.ThrowIfNullOrEmpty(nameof(eventId));
      ArgumentNullException.ThrowIfNull(nameof(timestamp));

      string endpoint = $"api/v1/events/{eventId}";
      string domain = _kindeSettings.Domain;

      string absoluteUrl = $"{domain}/{endpoint}";
      bool uriIsValid = Uri.TryCreate(absoluteUrl, UriKind.Absolute, out Uri uri);
      if (!uriIsValid) throw new Exception("The uri is not valid");
      using (HttpClient client = new HttpClient())
      {
          HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          request.Headers.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
          request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);
          cToken.ThrowIfCancellationRequested();

          HttpResponseMessage message = await client.SendAsync(request, cToken);
      }
      return true; //not yet finished
  }
  catch(Exception ex)
  {
      _logger.LogError(ex, ex.Message);
      throw;
  }
}
10 replies
KKinde
Created by skywalker-kiwi#02131 on 6/14/2024 in #💻┃support
ASP.NET API not validating token
Hi, I am configuring as ASP.NET API, and I am having issues getting my token to validate. I have configured my validation like so: 
builder.Services.AddAuthentication(options => 
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
    options.Authority = jwtIssuer;
    options.Audience = jwtAudience;
});
builder.Services.AddAuthentication(options => 
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
    options.Authority = jwtIssuer;
    options.Audience = jwtAudience;
});
I get my token from a Nuxt front end and pass it as an authorization header on request to the ASP.NET backend. I have checked my JWT here: https://jwt.io/ and everything appears to be in order. I can use it just fine on my front end. When I run my controller, the HttpContext.User is always null. I have also tried this configuration setup: 
builder.Services.AddAuthentication(options => 
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidIssuer = jwtIssuer,
            ValidateIssuer = true,
            ValidAudience = jwtAudience,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey))
        };
        options.IncludeErrorDetails = true;
    });
builder.Services.AddAuthentication(options => 
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidIssuer = jwtIssuer,
            ValidateIssuer = true,
            ValidAudience = jwtAudience,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey))
        };
        options.IncludeErrorDetails = true;
    });
Any help would be greatly appreciated
14 replies
KKinde
Created by skywalker-kiwi#02131 on 6/2/2024 in #💻┃support
Setting the audience for Nuxt to get token to be used with ASP.NET API
Hi, I am having issues assigning at audience to my tokens for my nuxt+asp.net application. I have followed the instructions for both sdks, and I have configured my jwt validation process as per: https://discord.com/channels/1070212618549219328/1181922100806680646 I have defined an environment variable in my .env file on my front end and I can get a token just fine. The issue is that the token doesn't have the aud defined (it's just an empty []) I have allowed the Kinde Management API access as per the instructions in the docs: https://docs.kinde.com/developer-tools/kinde-api/register-an-api/ I had a look at the nuxt composable useKindeClient but that doesn't take any arguments and so I can't define an audience? The long term intent is to allow users to log in via the front end, get their access token, store it in the session, and then use that for each backend request. Any suggestions would be greatly appreciated. I was considering going down the ts route, but wasn't sure whether that would clash at all with anything....
10 replies