Hello,
I have an ASP.net Web API that is working with BasicAuthenticationAttribute. I want to add bearer token-based authentication to one of my controllers. I added those NuGet packages:
- Microsoft.AspNet.WebApi.Owin
- Microsoft.Owin.Host.SystemWeb
- Microsoft.Owin.Security.OAuth
When API starts, there is no problem with the web API config.
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
config.Formatters.JsonFormatter.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore;
config.Formatters.JsonFormatter.SerializerSettings.DateTimeZoneHandling =
DateTimeZoneHandling.Local;
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
"DefaultApi",
"api/{controller}/{id}",
new {id = RouteParameter.Optional}
);
config.MessageHandlers.Add(new RequestResponseHandler());
config.Filters.Add(new CustomExceptionFilter());
var resolver = config.DependencyResolver;
var basicAuth = resolver.GetService(typeof(BasicAuthenticationAttribute)) as BasicAuthenticationAttribute;
config.Filters.Add(basicAuth);
}
}
Then Owin startup starts to work.
public class Startup
{
public void Configuration(IAppBuilder app)
{
var configuration = new HttpConfiguration();
Configure(app);
WebApiConfig.Register(configuration);
app.UseWebApi(configuration);
}
private static void Configure(IAppBuilder app)
{
var options = new OAuthAuthorizationServerOptions()
{
TokenEndpointPath = new Microsoft.Owin.PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromHours(1),
AllowInsecureHttp = true,
Provider = new AuthorizationServerProvider()
};
app.UseOAuthAuthorizationServer(options);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
At this line below flow goes back to the web API config file.
WebApiConfig.Register(configuration);
And finally, it gets a null exception for basic authentication.
config.Filters.Add(basicAuth);
How can I solve this and use both basic authentication attribute and token-based authentication in my web API?
Best Regards.