Hi,
I am testing a service (a demo) with basic and jwt provider
this.Plugins.Add(new AuthFeature(() => new APIAuthUserSession(), new
IAuthProvider[]
{
new BasicAuthProvider(),
new APICredentialsAuthProvider(),
new JwtAuthProvider(AppSettings) {RequireSecureConnection = false,
AuthKey = AesUtils.CreateKey(), }
}));
In service
public object Any(Hello request)
{
var session = base.SessionAs<AuthUserSession>();
if (session.AuthProvider != JwtAuthProvider.Name)
throw HttpError.Unauthorized("Requires JWT Authentication");
}
I want to exclude access with session from other provider.
I am testing it in ARC client, (chrome extension) . I am calling first the /Auth with Basic auth or credentials, and then I copy paste in the Hello service’s headers in Authorization the Bearer [jwtoken] . But the service’s condition it does not find the the JwtAuthProvider.Name.
The weird is that in morning it worked flawless with the same code. I can’t understand what it changed, I think nothing. Can you give me a direction?
The service during morning and now, it is authenticated but it does not return (now )the jwt auth provider’s name.