in something like fiddler, or in SS itself via the request pipeline?
Using the Network WebInspector in Chrome or a HTTP Packet sniffer like Fiddler or WireShark.
This response suggests the request isn’t reaching ServiceStack:
HTTP/1.1 404 Not Found
Date: Fri, 07 Aug 2020 12:21:35 GMT
Server: Kestrel
Content-Length: 0
If you can compare it with a successful request it should hopefully be able to show you the difference between the requests.
Something about the request isn’t matching with the route. How are you configuring the /api path? Are you using the right scheme port? E.g. SSL is usually on port 5001, i.e https://localhost:5001.
Maybe you have a conflicting middleware that’s terminating /api/* requests before it reaches ServiceStack?
Plugins.Add(new AuthFeature(() => new AuthUserSession(),
new IAuthProvider[]
{
new ApiKeyAuthProvider(AppSettings),
new CustomBasicAuthProvider(), //Sign-in with HTTP Basic Auth
new CustomCredentialsAuthProvider() //HTML Form post of UserName/Password
})
{
IncludeRegistrationService = true
});
Ideally it shouldn’t matter but can you remove the duplicate:
app.UsePathBase("/api");
Which is already registered by ServiceStack when you use PathBase = "/api", the double-entry could potentially cause a conflict.
Now that I’m looking at it, the issue could be because the /apikeys route starts with the same path as your /api PathBase, can you try calling it using the pre-defined route instead, e.g:
as a secondary issue, i never get back api keys, even tho there are several in the table.
when i auth and get a session back, then try apikeys/test, this sql ends up on the console:
2020-08-07 10:05:23.0504 ServiceStack.OrmLite.OrmLiteUtils.DebugCommand Debug SQL: SELECT “Id”, “UserAuthId”, “Environment”, “KeyType”, “CreatedDate”, “ExpiryDate”, “CancelledDate”, “Notes”, “RefId”, “RefIdStr”, “Meta”
FROM “ApiKey”
WHERE (“UserAuthId” is null) AND (“CancelledDate” is null) AND ((“ExpiryDate” is null) OR (“ExpiryDate” >= @0))
ORDER BY “CreatedDate” DESC
PARAMS: @0=8/7/2020 2:05:23 PM
why would it be looking for where UserAuthId is null? it does not appear to be looking at the environment either
dont i want the keys back for the authenticated user, or all the API keys? if i am using this wrong, please let me know
with basic auth, the key as the username, it throws some crazy exception about s missing. The same thing happens if i use an apikey that has userAuthId == null
{
"responseStatus": {
"errorCode": "ArgumentNullException",
"message": "Value cannot be null. (Parameter 's')",
"stackTrace": "[ServerRequest: 8/7/2020 2:24:45 PM]:\n[REQUEST: {}]\r\nSystem.ArgumentNullException: Value cannot be null. (Parameter 's')\r\n at System.Int32.Parse(String s)\r\n at ServiceStack.Auth.OrmLiteAuthRepositoryBase`2.<>c__DisplayClass26_0.<GetUserAuth>b__0(IDbConnection db) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack.Server\\Auth\\OrmLiteAuthRepository.cs:line 428\r\n at ServiceStack.Auth.OrmLiteAuthRepository`2.Exec[T](Func`2 fn) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack.Server\\Auth\\OrmLiteAuthRepository.cs:line 53\r\n at ServiceStack.Auth.OrmLiteAuthRepositoryBase`2.GetUserAuth(String userAuthId) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack.Server\\Auth\\OrmLiteAuthRepository.cs:line 426\r\n at ServiceStack.Auth.UserAuthRepositoryExtensions.GetUserAuth(IAuthRepository authRepo, String userAuthId) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack\\Auth\\UserAuthRepositoryExtensions.cs:line 172\r\n at ServiceStack.Auth.ApiKeyAuthProvider.Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack\\Auth\\ApiKeyAuthProvider.cs:line 200\r\n at ServiceStack.Auth.AuthenticateService.Authenticate(Authenticate request, String provider, IAuthSession session, IAuthProvider oAuthConfig) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack\\Auth\\AuthenticateService.cs:line 411\r\n at ServiceStack.Auth.AuthenticateService.Post(Authenticate request) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack\\Auth\\AuthenticateService.cs:line 218\r\n at ServiceStack.Auth.ApiKeyAuthProvider.PreAuthenticateWithApiKey(IRequest req, IResponse res, ApiKey apiKey) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack\\Auth\\ApiKeyAuthProvider.cs:line 309\r\n at ServiceStack.Auth.ApiKeyAuthProvider.PreAuthenticate(IRequest req, IResponse res) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack\\Auth\\ApiKeyAuthProvider.cs:line 240\r\n at ServiceStack.AuthenticateAttribute.PreAuthenticateAsync(IRequest req, IEnumerable`1 authProviders) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack\\AuthenticateAttribute.cs:line 153\r\n at ServiceStack.AuthenticateAttribute.ExecuteAsync(IRequest req, IResponse res, Object requestDto) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack\\AuthenticateAttribute.cs:line 74\r\n at ServiceStack.Host.ServiceRunner`1.ExecuteAsync(IRequest req, Object instance, TRequest requestDto) in C:\\BuildAgent\\work\\3481147c480f4a2f\\src\\ServiceStack\\Host\\ServiceRunner.cs:line 127\r\n",
"errors": [
{
"errorCode": "ArgumentNullException",
"fieldName": "s",
"message": "Value cannot be null."
}
]
}
}
yes, and SS is doing this. i see them in the table, and the UserAuthId points to their Id in the Users table (i inherited UserAuth to add some fields). is SS looking for UserAuth vs my new name, User, or doesnt it matter?
The Exception is because the ApiKey doesn’t have a UserAuthId which is supposed to reference the User it should authenticate as.
I’ve updated the AuthProvider to check that the ApiKey has a UserAuthId otherwise it will throw a 409 Conflict “ApiKey is Invalid” error in the next version.
The GetApiKeys API just returns the API Keys for the authenticated user in the specified environment. I’m assuming the Authenticated User Id i.e. GetSession().UserAuthId doesn’t return “2”.
