Difference between using Authenticate(new Authenticate()) vs JsonServiceClient.Send(new Authenticate())

Hi there,
I think I’m not understanding the fundamental concept/idea here. Why is that I’m getting BearerToken back when I authenticate a user using JsonServiceClient(1st snippet below), while I get null when using AuthenticateService.Authenticate(2nd snippet):

var authClient = new JsonServiceClient("http://localhost:11001/");
var jwtToken = authClient.Send(new Authenticate {
    Provider = "credentials",
    UserName = userName,
    Password = password,
    UseTokenCookie = true
var bearerToken = response.BearerToken; // gets BearerToken

using(var authService = ResolveService < AuthenticateService > ()) {
 var response = authService.Authenticate(new Authenticate {
   Provider = CredentialsAuthProvider.Name,
   UserName = userName,
   Password = password,
   RememberMe = true,
   UseTokenCookie = true

 var bearerToken = response.BearerToken; // this is null

Could someone shed some light on this for me. I think I’m missing out really important concept here!
While working with the MVC example, how can I send ss-tok back to the browser from the above code? i.e users are authenticating from the /login page and the login page calls in the authService.Authenticate from within the controller.

The Authenticate() API on AuthenticateService is the code-level API to the AuthenticateService which returns a typed AuthenticateResponse DTO which returns null if they’re already authenticated or a populated AuthenticateResponse DTO if it Authenticated them in the Request.

Calling the AuthenticateService via the Service Client calls the Post(Authenticate) Service-level API which returns the appropriate Service-level response, e.g. for HTML Requests it returns a Redirect Response for Successful requests. This is what you need to call for the JWT Auth Provider Auth Filters to populate the Response.

So in-order to use JWT, I’d have to use Service-level API? How can I make the ServiceStackController in my MVC application work? i.e when I Post, ServiceStackController.IsAuthenticated is not true. How can I put these two together?

With AuthenticateService.Post(…), I see that result.Response gets populated with BearerToken. Do I set this as a MVC cookie? I’m not really clear on how to proceed.


Can’t you just call the Post(Authenticate) API?

Sorry, I’m not sure if I’m following along :frowning: I’m attaching a screenshot of what I have. This is a sample MVC application(modified Login action).

After the Post, authService.IsAuthenticated is false. Should this be true? When the controller is done, the home page still says not authenticated.

The HttpResult wraps the Response DTO which you can unwrap from the HttpResult with:

var authResponse = response.GetDto() as AuthenticateResponse;

Which is effectively a short-hand for:

var authResponse = ((response as HttpResult)?.Response ?? response) as AuthenticateResponse;

Great. How do I now make my ServiceStackController aware of this authentication now? i.e now that the user is authenticated after a call to Post, ServiceStackController.IsAuthenticated is still false, hence the attributes [Authenticate], [Authorize] etc still doesn’t work.

Is the JWT Cookie (ss-tok) being sent on every request?

JWT cookie is not being set with a call to authService.Post. Do I have to manually set this?

The JWT Token is what encapsulates the Users Session (i.e. the server is stateless), the JWT Token needs to be sent in either a cookie or as a Bearer Token in a Authorization HTTP Request Header.

The HttpResult contains the the Cookie that needs to be written to the Response, you should be able to write it with something like:

var jwtCookie = (result as HttpResult)?.Cookies?.FirstOrDefault();

Got it! Thanks for your patience :slight_smile: I really want to learn the framework better. Any suggestions/directions on how to get involved and learn more on about the framework?

Great! :smile:

That’s kind of an open question, but off the top of my head the first place to start is to read the docs about a feature so that you understand it completely, i.e. if something is unfamiliar use that a research point to learn about what it is, i.e. searching Stack Overflow / Forums even tests and source code. Also explore the live demos if there are any that uses the feature you’re interested in, comb over all the source code so that you know what every piece does or how it works, when something doesn’t make sense, that’s a good point to drill down the source code to see how it works.

Personally I’d have a fork of the ServiceStack sources available locally so I can quickly and easily debug and step through the code, create adhoc tests and experiment with some changes, etc. Understandably that’s the only way I work with ServiceStack since… forever :slight_smile: where being able to quickly create/run tests is always readily available and most times to step through a feature I’ll create a self-hosting AppHost integration test which is more replayable than trying to debug changes in a Web App.

IMO the best way to learn anything new is to work towards a specific, easily realizable objective. So to learn a feature, think about a small, stand-alone project you’d like to create that uses that feature and use the process of implementing it as a way to research what features you need and after you have a working first pass, go back and try to refine it, i.e. refactor it so the code reads beautifully and try to remove as much unnecessary code as possible and think of ways that you can enhance it where a little bit of effort adds the most value. Being able to see a lot of value in your efforts will keep you interested.

Not sure if that covers what you’re asking, but that’s what I got :slight_smile:

Thank you for your suggestions. That is what I was looking to hearing from you. I’ve been wanting to get to know the framework for a while now but been putting it off. Not that I was slacking but it just seemed daunting and out of my reach. I think this is the time!

I’m absolutely looking forward on getting a fork locally. I think I will struggle, but I’m up for a challenge! I’d love to contribute to the framework someday soon :slight_smile:

Thanks your time!

1 Like