Injecting AuthenticationMiddleware in Ocelot - how to return 401

Question

I think this question is kind of trivial, but I cannot find an answer to it:

I am using Ocelot as an API Gateway and use my own authentication middleware, since I need to authenticate the users against our own database. The happy path is working just fine. However, if the user cannot authenticate I can only return 500 internal server error, but I have not idea how to make ocelot return a 401.

Can anyone help me? This would be the very basic of what I mean:

var authSuccess = authenticate();
if (authSuccess)
{
    await next.Invoke();
} else
{
    // cancel and Return 401
}

score 0 · Answer 1 · answered Jan 29 '19 at 08:16

0

Okay, so I looked further into the Repo and I found something that helped me:

AuthenticationMiddleware = async (context, next) =>
{
   var authSuccess = authenticate();
   if (authSuccess)
   {
       await next.Invoke();
   } else
   {
      var error = new UnauthenticatedError("Some Message");
      context.Errors.Add(error);
   }
}

answered Jan 29 '19 at 08:16

KaffeeKaethe

301
1
3
10

I only get the status code, but no body message. I want show the message to client. How to do so? – Justin Jul 11 '19 at 07:22
1

Same problem for me, and there is no error property in context. – XAMT Feb 24 '21 at 11:18

score 0 · Answer 2 · answered Jun 04 '20 at 07:40

0

You can do delow way to

await ctx.HttpContext.Response.WriteAsync("{'error':'Your message'}");
ctx.Errors.Add(new UnauthenticatedError("Your message"));

answered Jun 04 '20 at 07:40

Abhishek Dhorajia

21
5

Injecting AuthenticationMiddleware in Ocelot - how to return 401

2 Answers2