I'm trying to create a .net core 2.2 web api with custom authentication scheme but I'm not able to read the content of my http request containing an authorization parameter. I've created the following attribute:
[AttributeUsage(validOn: AttributeTargets.Class | AttributeTargets.Method)]
public class ApiKeyAuthAttribute : Attribute, IAsyncActionFilter
{
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
var auth = context.HttpContext.Request.Headers["Authorization"];
await next();
}
}
Then I decorated the calls with the "[ApiKeyAuthAttribute]" The attribute is called but "auth" is always empty. I've inspected the http call and it contains the following string:
GET http://localhost:5000/secret HTTP/1.1
Authorization: hmacauth 65d3a4f0-0239-404c-8394-21b94ff50604:YasPG+z7r1jyUUqAlXY9G91Ov0IfDfA9sNvW4NLocIU=:4977ca7250414e9c8c8b3d9a703fcf9e:1596303518
Host: localhost:5000
I guess that I've to put something in the application startup but I'm not sure..
This is my current application startup
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseMvc();
}
