GRPC Authorization is not working with .Net Core application

Mayank Gupta 1 Reputation point
2022-11-19T16:38:32.323+00:00

We have the .Net Core application, under Startup class we have provided the authentication mechanism and the code snippet is shown below:

var auth = services.AddMyApplicationAuthentication(Configuration.GetSection("SingleSignOn")); 

            auth.AddApiKeySupport(options =>  
            {  
                var saAuth = Configuration.GetSection("myApi");  
                options.headerName = saAuth["header"];  
                options.headerValue = saAuth["keyValue"];  
            });

and the AddApiKeySupport extension method is having below logic:

public static class MyApplicationAuthenticationBuilderExtensions
{
public static AuthenticationBuilder AddApiKeySupport(this AuthenticationBuilder authenticationBuilder, Action<ApiKeyOptions> options)
{
return authenticationBuilder.AddScheme<ApiKeyOptions, ApiKeyHandler>(ApiKeyOptions.DefaultScheme, options);
}
}

ApiKeyHandler logic is shown below:

public class ApiKeyHandler: AuthenticationHandler<ApiKeyOptions>
{
public ApiKeyHandler(
IOptionsMonitor<ApiKeyOptions> options) : base(options)
{
} 

    protected override Task<AuthenticateResult> HandleAuthenticateAsync()  
    {  
        ...  
        ...  
    }

but when we are calling this application GRPC endpoints through any client (in this case console app) HandleAuthenticateAsync() method is not getting called, and any client calls API endpoints without any authorization.

I have decorated GRPC API Service with [Authorize(AuthenticationSchemes = ApiKeyOptions.DefaultScheme)], but no effect.

Is there any understanding gap from my side?

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,139 questions