Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

401 Unauthorized on api/UrlList #82

Open
Jaykul opened this issue Jul 7, 2022 · 4 comments
Open

401 Unauthorized on api/UrlList #82

Jaykul opened this issue Jul 7, 2022 · 4 comments

Comments

@Jaykul
Copy link

Jaykul commented Jul 7, 2022

When I try to access the "URLs Manager" I'm getting 401 Unauthorized from the service -- but I don't understand why, and I'm hoping someone can give me a nudge in the right direction.

The service is running (no problem there, of course)...

I temporarily disabled the authentication check on UrlShortener and added a few URLs and tested them, so I'm sure the actual function app is working, I just can't figure out how to authenticate to it.

I eventually got my AAD apps and custom domains and CORS all working -- and was able to log in with the TinyBlazorAdmin pointing at my function app... but every attempt to actually use the admin app is resulting in those "An unhandled error has occurred. Reload" error bars, and showing up in the logs for UrlList or UrlClickStatsByDay as "Request was not authenticated."

Browser debug tools shows I'm sending an authorization: Bearer .... token in the request, but I don't understand where I went wrong.
@markd-bit
Copy link

Hi, did you resolve this? I'm can't login using azure ad, how did you get it working? I'm getting an issue similar to #80. Thanks in advance

@markd-bit
Copy link

Okay so have the AD auth working but now getting same error An unhandled error has occurred.

@markd-bit
Copy link

So im now getting something similar to this

crit: Microsoft.AspNetCore.Components.WebAssembly.Rendering.WebAssemblyRenderer[100]
Unhandled exception rendering component: 'user_impersonation'

@ghost
Copy link

ghost commented Jul 28, 2022
edited by ghost
Loading

did you manage to fix it?

what we did was to edit the AzFuncAuthorizationMessageHandler.cs to look like this (adding the API endpoint to the handler):
public AzFuncAuthorizationMessageHandler( IConfiguration config, IAccessTokenProvider provider, NavigationManager navigation) : base(provider, navigation) { var section = config.GetSection(nameof(UrlShortenerSecuredService)); Endpoint = section.GetValue<string>(nameof(Endpoint)); AppIdUri = section.GetValue<string>(nameof(AppIdUri)); ConfigureHandler( new[] { Endpoint }, new[] { string.Concat(AppIdUri, "user_impersonation") } );

after that you need to change the appsettings.json to include the API endpoint:
{ "AzureAd": { "Authority": "https://login.microsoftonline.com/{tenantID}", "ClientId": "{AzureADAppRegistrationClientID}", "ValidateAuthority": true }, "UrlShortenerSecuredService": { "Endpoint": "{EndpointURI}", "AppIdUri": "api://{AzureADAppRegistrationFunctionAppID}/" }, "DetailedErrors":true }
Microsoft changed how AD Auth and App Registrations works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Jaykul @markd-bit