GRPC Authorization is not working with .Net Core application
We have the .Net Core application, under Startup class we have provided the authentication mechanism and the code snippet is shown below:
var auth = services.AddMyApplicationAuthentication(Configuration.GetSection("SingleSignOn"));
auth.AddApiKeySupport(options =>
{
var saAuth = Configuration.GetSection("myApi");
options.headerName = saAuth["header"];
options.headerValue = saAuth["keyValue"];
});
and the AddApiKeySupport extension method is having below logic:
public static class MyApplicationAuthenticationBuilderExtensions
{
public static AuthenticationBuilder AddApiKeySupport(this AuthenticationBuilder authenticationBuilder, Action<ApiKeyOptions> options)
{
return authenticationBuilder.AddScheme<ApiKeyOptions, ApiKeyHandler>(ApiKeyOptions.DefaultScheme, options);
}
}
ApiKeyHandler logic is shown below:
public class ApiKeyHandler: AuthenticationHandler<ApiKeyOptions>
{
public ApiKeyHandler(
IOptionsMonitor<ApiKeyOptions> options) : base(options)
{
}
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{
...
...
}
but when we are calling this application GRPC endpoints through any client (in this case console app) HandleAuthenticateAsync() method is not getting called, and any client calls API endpoints without any authorization.
I have decorated GRPC API Service with [Authorize(AuthenticationSchemes = ApiKeyOptions.DefaultScheme)], but no effect.
Is there any understanding gap from my side?