Bearer Token not generated after upgrade from 5.12.1 to 5.14.0

jbrabant · February 15, 2022, 5:09pm

Since my upgrade, things looks ok but somehow I do not get any bearerToken back
Was working minutes ago on 5.12 and I haven’t changed a single line of code since the upgrade.
Any idea what could’ve changed?

I am using an LiteDb UserAuth repo and a custom UserSession.
Here is my AuthFeature PlugIn config.

Plugins.Add(new AuthFeature(() => new PEUserSession(), new IAuthProvider[]
{
    new CredentialsAuthProvider(AppSettings),
    new ApiKeyAuthProvider(AppSettings),
    new JwtAuthProvider()
    {
        HashAlgorithm = "RS256", PrivateKeyXml =  Encryption.GetPrivateKey(),
        RequireSecureConnection = config.RequireSecureConnection,
        UseTokenCookie = true,
        CreatePayloadFilter = (payload, session) =>
        {
            var customSession = (PEUserSession)session;
            payload["domain"] = customSession.Domain;
            payload["soaUsername"] = customSession.SOAUsername;
            payload["ppaUsername"] = customSession.PPAUsername;
            payload["ppaUserId"] = customSession.PPAUserId.ToString();
            payload["ttl"] = customSession.TTL.ToString();
            payload["idleTimeOut"] = customSession.IdleTimeOut.ToString();
        },
        PopulateSessionFilter = ((session, payload, req) =>
        {
            var customUserSession = session as PEUserSession;
            if (customUserSession!=null)
            {
                customUserSession.Domain = payload["domain"];
                customUserSession.SOAUsername = payload["soaUsername"];
                customUserSession.PPAUsername = payload["ppaUsername"];
                if (int.TryParse(payload["ppaUserId"], out var userId))
                    customUserSession.PPAUserId = userId;
                if (int.TryParse(payload["ttl"], out var ttl))
                    customUserSession.TTL = ttl;
                if (int.TryParse(payload["idleTimeOut"], out var idleTimeOut))
                    customUserSession.IdleTimeOut = idleTimeOut;
            }
            
        })
    },
    new ADAuthProvider (this)
    {
    },
    new LdapAuthProvider(container.Resolve<IPPAUoW>(),container.Resolve<ISOAUoW>(), config),
})
{ HtmlRedirect = null, IncludeRegistrationService = true });

[DataContract]
public class PEUserSession: AuthUserSession
{
    [DataMember]
    public string Domain { get; set; }
    
    [DataMember]
    public string SOAUsername { get; set; }
    [DataMember]
    public string PPAUsername { get; set; }
    [DataMember]
    public int PPAUserId { get; set; }
    [DataMember]    
    public int TTL { get; set; }
    [DataMember]
    public int IdleTimeOut { get; set; }
}

layoric · February 15, 2022, 8:04pm

Hi @jbrabant,

Are you getting back the token cookie? From 5.14+ BearerToken is no longer returned in the body of the response, clients using bearer token cookies should not be impacted though. What kind of client are you using?

mythz · February 16, 2022, 12:46am

Can you clarify exactly what you mean by do not get any bearerToken back by providing the raw HTTP Response that shows the issue. You’re using UseTokenCookie=true so the JWT should only be returned in the ss-tok HttpOnly cookie upon successful authentication.

Can you then downgrade to the previous major release at v5.13.2 to find out which release has the issue:

<PackageReference Include="ServiceStack" Version="5.13.2" />

jbrabant · February 16, 2022, 12:25pm

Sorry. My mistake. I didn’t know 5.14 was only returning the token inside the ss-tok
Should be ok on my next attempt to upgrade.

Thanks and long life to ServiceStack!

mythz · February 16, 2022, 12:34pm

Was your JwtAuthProvider always configured with UseTokenCookie = true? This is what controls how the JWTs get returned.