Open Closed

Not able to access an authorised API from external source #5827


User avatar
0
DNarayanaswamy created

ABP Framework version: ABP CLI 7.3.0 UI Type: Blazor Server Database System: EF Core (SQL Server) Tiered (for MVC) or Auth Server Separated (for Angular): Tiered Exception message and full stack trace:

Hi, I have an API in the main project which returns some required data. I need to use this API endpoint and get the data in external project. But this API is authorized and Authorization: Bearer Token is changing for each request. So I am not able to figure out how to get the data into my external project.

After authorization the API works perfectly fine in the main project, but having issues in accessing from external projects. Please refer on how the authorization is done.

When I navigate into Authorize I am navigated to a locked file which is present in a dll.

Can you help me out on how to access this Authorized API.

Thanks.


3 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can get an access_token from the authserver website and carry this token to the API.

    https://auth0.com/docs/get-started/authentication-and-authorization-flow/which-oauth-2-0-flow-should-i-use

  • User Avatar
    0
    DNarayanaswamy created

    Hi , I have been trying to access this API by authenticating using OAUTH2.0 but Iam not successfull. I am getting 400-Bad Request Error. Here is the code I am using. Please call out if anything wrong done here.

    [HttpGet]
    public async Task<ActionResult<string>> GetLocationDetailsbyId()
    {
            var tokenEndpoint = "https://test-authserver.azurewebsites.net/connect/token";
            var clientId = "TEST_Swagger";
            var clientSecret = ""; 
            var httpClient = _httpClientFactory.CreateClient();
            var formData = new Dictionary<string, string>
    {
        { "grant_type", "password" },
        { "username", "*****" },         // User's username
        { "password", "*****" },      // User's password
        { "client_id", clientId },
        { "client_secret", clientSecret },
        { "scope", "TEST" }
    };
            var tokenRequest = new FormUrlEncodedContent(formData);
            var tokenResponse = await httpClient.PostAsync(tokenEndpoint, tokenRequest);
            if (tokenResponse.IsSuccessStatusCode)
            {
                var tokenContent = await tokenResponse.Content.ReadFromJsonAsync<TokenResponse>();
                var accessToken = tokenContent?.access_token;
                // Now that you have the access token, you can use it to access the protected API
                var apiEndpoint = "https://test-api.azurewebsites.net/api/app/location/4640/location-details-by-id";
                var apiRequest = new HttpRequestMessage(HttpMethod.Get, apiEndpoint);
                apiRequest.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
                var apiResponse = await httpClient.SendAsync(apiRequest);
                if (apiResponse.IsSuccessStatusCode)
                {
                    var apiData = await apiResponse.Content.ReadAsStringAsync();
                    return Ok(apiData);
                }
                else
                {
                    return StatusCode((int)apiResponse.StatusCode, "API request failed.");
                }
            }
            else
            {
                return StatusCode((int)tokenResponse.StatusCode, "Token request failed.");
            }
    }
    

    I also tried to execute the same thing via postman, it says invalid scope. But I am entering right scope, refer the scopes displayed in Main project. This is the same thing entered in PostMan This says invalid scope in PostMan.

    I also tried using TEST API, TEST TEST API as scopes but still same result. Can you please guide me here?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Please check these projects.

    https://github.com/abpframework/abp/blob/dev/modules/openiddict/app/OpenIddict.Demo.Server/EntityFrameworkCore/ServerDataSeedContributor.cs#L26 https://github.com/abpframework/abp/blob/dev/modules/openiddict/app/OpenIddict.Demo.Client.Console/Program.cs

Made with ❤️ on ABP v9.1.0-preview. Updated on December 26, 2024, 06:07