Help - Getting Error 500 when I include the access token about cars-island-on-azure HOT 6 OPEN

Hello Lawrence,

Thank you for a kind words, I am happy that you like this project.
It is hard for me to say what is exactly wrong with your configuration but I have a suggestion.
Please put debug breakpoint in this line:

This is exception middleware and you should catch the exception details. Could you please try to check what is the exception's message?

from cars-island-on-azure.

Hi Daniel,

curiously, the 500 error seem to have gone away by itself, as the application doesn't throw that error anymore. it does, still however, return an unauthorized error when I try to post, following the same process above.

is there a way we can decode the [Authorize] process to see where the error is occurring? or do you have some suggestions on how to resolve it?

thanks
Lawrence

from cars-island-on-azure.

Hi again Daniel,

I was able to replicate the error -- it seems that when I add the word Bearer to the access token it would then throw this error. if I skipped the Bearer I would simply get the Unauthorized error.

the error I get when I include Bearer and the access token during POST is: "Session has not been configured for this application or request"

thoughts?

tks
Lawrence

from cars-island-on-azure.

Hi Lawrence,
How do you send the token to the API? Do you follow below convention?
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", <<token>>);

from cars-island-on-azure.

Hi Lawrence,
How do you send the token to the API? Do you follow below convention?
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", <<token>>);

Hi Daniel,

I simply used the swagger interface to test the API. here are the steps I followed:

1. logged in to MS using: https://<tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/oauth2/v2.0/authorize?p=<policy-name>&client_id=<client-id>&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.ms&scope=https://<tenant-name>.onmicrosoft.com/<client-id>/access_as_user&response_type=code&prompt=login
2. when I get the id token, then used Postman to get the access token using this POST Url: https://<tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/{{policy-name}}/oauth2/v2.0/token, with the payload: grant_type=authorization_code&client_id=<client-id>&scope=https://<tenant-name>.onmicrosoft.com/<client-id>/access_as_user&code=<id-token>&redirect_uri=https://jwt.ms&client_secret=<client-secret>
3. I check using jwt.ms that the access token received did contain the scp
4. I then used the Swagger interface to put in the access token I received in this format Bearer <access-token>

and I then performed the steps in Swagger using "try this out" for both get(all) cars and Post carReservation.

does this help?

tks
Lawrence

from cars-island-on-azure.

hello guys. sorry for distrurbing. did you managed to solve this? i faced with the same..

from cars-island-on-azure.