Open Closed

Unable to authorize apis using bearer token #6635


User avatar
0
surajlokhandemmew created

ABP Framework version: v8.0.0

UI Type: MVC but this error is while consuming api on flutter app

Database System: MongoDB

Tiered (for MVC) or Auth Server Separated (for Angular): no

Exception message and full stack trace:

when i am trying to access api using bearer token its responding with login page


5 Answer(s)
  • User Avatar
    0
    Anjali_Musmade created
    Support Team Support Team Member

    Hi,

    Have you check this documentation https://community.abp.io/posts/consume-abp-api-from-flutter-app-adzzfnji ? please check if it helps you. if possible please give steps to reproduce or error logs.

    thanks,

  • User Avatar
    0
    surajlokhandemmew created

    Well i dont want to show webview of login page instead i am using connect/token api to get the token using below method

    ` Future<AccessToken> fetchAccessToken({
        required String username,
        required String password,
        required String grantType,
        required String clientId,
        required String clientSecret,
        required String scope,
      }) async {
        final response = await http.post(
          Uri.parse('$api/connect/token'),
          headers: <String, String>{
            'Content-Type': 'application/x-www-form-urlencoded',
          },
          body: {
            'username': username,
            'password': password,
            'grant_type': grantType,
            'client_id': clientId,
            'client_secret': clientSecret,
            'scope': scope,
          },
        );
    
    
       if (response.statusCode == 200) {
          print(response.body);
          final accessToken = AccessToken.fromJson(json.decode(response.body));
          await storeAccessToken(accessToken.accessToken, accessToken.expiresIn);
          await storeRefreshToken(accessToken.refreshToken);
          return accessToken;
        } else {
          throw Exception("Invalid username or password");
        }
      }
    
    

    and trying to authorize api using this method

    `  Future<http.Response> get(String url) async {
        String? token = await authViewModel.getValidAccessToken();
        return http.get(
          Uri.parse(url),
          headers: {
            'Authorization': 'Bearer $token',
          },
        );
      }`
    

    , you can try reproducing using postman just get the access token using connect/token api and use it as bearer token to access secured api it responds with login page 401 response, check screen shots

    and can i please get quick reply , this issue is delaying my deadline.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Which scope did you pass?

    Typically they should contain the following:

    address email phone roles profile offline_access <Your API resource name>

    You can find the API resource name in the Module class

  • User Avatar
    0
    surajlokhandemmew created

    Yes figured it out , is it documented anywhere??

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    ABP has no such document it is part of OpenID connect: https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11