asp.net - OWIN token authentication 400 Bad Request on OPTIONS from browser -



asp.net - OWIN token authentication 400 Bad Request on OPTIONS from browser -

i using token authentication little project based on article: http://bitoftech.net/2014/06/09/angularjs-token-authentication-using-asp-net-web-api-2-owin-asp-net-identity/

everything seems work fine except 1 thing: owin based token authentication doesn't allow options request on /token endpoint. web api returns 400 bad request , whole browser app stops sending post request obtain token.

i have cors enabled in application in sample project. below code might relevant:

public class startup { public static oauthbearerauthenticationoptions oauthbeareroptions { get; private set; } public void configuration(iappbuilder app) { arearegistration.registerallareas(); unityconfig.registercomponents(); globalconfiguration.configure(webapiconfig.register); filterconfig.registerglobalfilters(globalfilters.filters); routeconfig.registerroutes(routetable.routes); bundleconfig.registerbundles(bundletable.bundles); httpconfiguration config = new httpconfiguration(); app.usecors(microsoft.owin.cors.corsoptions.allowall); configureoauth(app); webapiconfig.register(config); app.usewebapi(config); database.setinitializer(new applicationcontext.initializer()); } public void configureoauth(iappbuilder app) { //use cookie temporarily store info user logging in 3rd party login provider app.useexternalsignincookie(microsoft.aspnet.identity.defaultauthenticationtypes.externalcookie); oauthbeareroptions = new oauthbearerauthenticationoptions(); oauthauthorizationserveroptions oauthserveroptions = new oauthauthorizationserveroptions() { allowinsecurehttp = true, tokenendpointpath = new pathstring("/token"), accesstokenexpiretimespan = timespan.fromminutes(60), provider = new simpleauthorizationserverprovider(), refreshtokenprovider = new simplerefreshtokenprovider() }; // token generation app.useoauthauthorizationserver(oauthserveroptions); app.useoauthbearerauthentication(oauthbeareroptions); } }

below login function javascript (i using angularjs purpose)

var _login = function (logindata) { var info = "grant_type=password&username=" + logindata.username + "&password=" + logindata.password; info = info + "&client_id=" + ngauthsettings.clientid; var deferred = $q.defer(); $http.post(servicebase + 'token', data, { headers: { 'content-type': 'application/x-www-form-urlencoded' } }).success(function (response) { localstorageservice.set('authorizationdata', { token: response.access_token, username: logindata.username, refreshtoken: response.refresh_token, userefreshtokens: true }); _authentication.isauth = true; _authentication.username = logindata.username; _authentication.userefreshtokens = logindata.userefreshtokens; deferred.resolve(response); }).error(function (err, status) { _logout(); deferred.reject(err); }); homecoming deferred.promise; }; var _logout = function () { localstorageservice.remove('authorizationdata'); _authentication.isauth = false; _authentication.username = ""; _authentication.userefreshtokens = false; };

i've lost time on problem today. think i've found solution.

override method within oauthauthorizationserverprovider:

public override task matchendpoint(oauthmatchendpointcontext context) { if (context.istokenendpoint && context.request.method == "options") { context.owincontext.response.headers.add("access-control-allow-origin", new[] { "*" }); context.owincontext.response.headers.add("access-control-allow-headers", new[] { "authorization" }); context.requestcompleted(); homecoming task.fromresult(0); } homecoming base.matchendpoint(context); }

this appears 3 necessary things:

force auth server respond options request 200 (ok) http status, allow request come anywhere setting access-control-allow-origin allows authorization header set on subsequent requests setting access-control-allow-headers

after steps angular behaves correctly when requesting token endpoint options method. ok status returned , repeats request post method total token data.

asp.net angularjs owin asp.net-web-api2

-

Comments

Post a Comment

Popular posts from this blog

formatting - SAS SQL Datepart function returning odd values -

formatting - SAS SQL Datepart function returning odd values - i'm having massive problem project can't seem right. i'm trying modify info variable in datetime format. first info 30mar12:00:00:00. i've been advised utilize code below returns value 30mar60:5:30:00. want date component , have no thought how info got exported in format wasn't in microsoft access. i've tried several mods code 1 time again comes blank or sends error message. proc sql; update dataset set date = datepart(date); quit; any advice appreciated. i'm guessing variable date numeric , formatted datetime. 1 time you've carried out conversion, alter format date9. sas datetime value number of seconds since 01 jan 1960, whereas dates number of days since 01 jan 1960. both stored numbers, using right format display value key. illustration below. data _null_; a='30mar12:00:00:00'dt; b=datepart(a); c=b; format b datetime. c date9.; set b c; run; ...
Read more

c++ - Apple Mach-O Linker Error(Duplicate Symbols For Architecture armv7) -

c++ - Apple Mach-O Linker Error(Duplicate Symbols For Architecture armv7) - here error: duplicate symbol _objc_metaclass_$_bfapplinkreturntorefererview in: /users/user/documents/facebooksdk/facebooksdk.framework/facebooksdk(bfapplinkreturntorefererview.o) /users/user/desktop/project/project/project/assets/facebook/editor/ios/facebooksdk/facebooksdk.a(bfapplinkreturntorefererview.o) ld: 889 duplicate symbols architecture armv7 clang: error: linker command failed exit code 1 (use -v see invocation) i have searched find solution of error couldn't. there tons of similar error this, 1 hasn't been asked yet. problem shows when add together "-objc" "other linker flags". need add together utilize admob service. problem? how can solve this? i faced same issue while integrating facebook-ios-sdk. because using 3rd party library had bolts.framework linked against it. solution found incorporate facebook-ios-sdk source code hosted on github. ...
Read more

php - Yii 2: Unable to find a class into the extension 'yii2-admin' -

php - Yii 2: Unable to find a class into the extension 'yii2-admin' - extension's github project: https://github.com/mdmsoft/yii2-admin i'm using advanced template of yii2, i've backend , frontend , common folders advanced folder. the advanced folder on same level of vendor folder. i've others extensions , working then installed yii2-admin composer php composer.phar require mdmsoft/yii2-admin "*" installation worked well. into vendor folder i've mdmsoft folder yii2-admin subfolder it. this actual content of v endor/yiisoft/extensions.php (modified composer installation, haven't manually touched it) <?php $vendordir = dirname(__dir__); homecoming array ( 'yiisoft/yii2-jui' => array ( 'name' => 'yiisoft/yii2-jui', 'version' => '2.0.0.0', 'alias' => array ( '@yii/jui' => $vendordir . '/yiisoft/yii2-jui', ...
Read more