I have created a custom RequestLogger
public class CustomRequestLogger : InMemoryRollingRequestLogger
{
public override void Log(IRequest request, object requestDto, object response, TimeSpan requestDuration)
{
base.Log(request, requestDto, response, requestDuration);
var requestType = requestDto != null ? requestDto.GetType() : null;
var appSettings = HostContext.AppSettings;
if (ExcludeRequestType(requestType))
return;
var entry = CreateEntry(request, requestDto, response, requestDuration, requestType);
if (entry.Session == null)
{
// this is always true
}
}
}
I authenticate with my service by adding a header “Authorization” to the request with value “Bearer [the token]”.
The service authenticates fine, and the session is populated and accessible in the services, however, the value of entry.Session is always null.
When I authenticate using the Session Feature, the Session is filled.
Is there a way to retrieve the session when using the JwtAuthProvider?
mythz
September 14, 2018, 1:24pm
2
Have you enabled EnableSessionTracking?
Plugins.Add(new RequestLogsFeature {
EnableSessionTracking = true
});
Yes, I have.
If I authenticate using the Credentials AuthProvider, the session is correctly filled.
mythz
September 14, 2018, 4:41pm
4
I’ve created new integrated tests showing JWT Sessions are being logged in RequestLogEntry for JWT Requests in this commit .
Thanks for creating the test.
BearerToken = GetClient().Post(new Authenticate()).BearerToken
Hower, my use case is is the following:
I am calling Authenticate to retrieve the bearer token.
In subsequent calls, I am adding this token as Authorzisation header "Bearer " without calling the Authenticate service.
In this case the Session is always null.
mythz
September 16, 2018, 10:20am
6
This is what populating BearerToken on the Service Client does, i.e. adds it to the “Authorization” HTTP Header:
client.Headers[HttpHeaders.Authorization]
= "Basic " + Convert.ToBase64String(Encoding.UTF8.GetBytes(apiKey + ":"));
}
public static void AddBearerToken(this WebRequest client, string bearerToken)
{
if (string.IsNullOrEmpty(bearerToken))
return;
client.Headers[HttpHeaders.Authorization] = "Bearer " + bearerToken;
}
public static string CalculateMD5Hash(string input)
{
// copied/pasted by adamfowleruk
// step 1, calculate MD5 hash from input
System.Security.Cryptography.MD5 md5 = System.Security.Cryptography.MD5.Create();
byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input);
byte[] hash = md5.ComputeHash(inputBytes);
Can you modify my integration test to include a failing test that shows the issue.
I tried, but the test was passing. As it turned out, no issue in the ServiceStack code.
There were two issues in my code:
The first call was a preflight check for the CORS feature, these requests are not authenticated and can be ignored in teh logger.
I did set “EnableSessionTracking” to true, but directly on the RequestLogger:
Plugins.Add(new RequestLogsFeature
{
RequestLogger = new RequestLogger()
{
EnableResponseTracking = true,
EnableErrorTracking = true,
EnableSessionTracking = true,
EnableRequestBodyTracking = true,
},
});
where thiis must be:
Plugins.Add(new RequestLogsFeature
{
EnableErrorTracking = true,
EnableRequestBodyTracking = true,
EnableSessionTracking = true,
EnableResponseTracking = true,
RequestLogger = new RequestLogger()
});
Almost the same
Thanks for your support
