1

I have a simple Blazor app from template. You can inspect it here: https://blazorfun2.azurewebsites.net/ . FetchData page is only for authorized users, but when I authorize I get 401 Unauthorized error. Under the Response header it shows this error:

WWW-Authenticate: Bearer error="invalid_token", error_description="The issuer 'https://blazorfun2.azurewebsites.net' is invalid"

You can test that with testmail@testmail.something and Error#2 password.

I don't have this error on local host.

I am using Azure app service, dotnet 5.0 on Linux.

It is solvable by changing IssuerUri (source), but I guess it's not the best option..

//Main method in Program.cs in Client: 
 var builder = WebAssemblyHostBuilder.CreateDefault(args);
 builder.RootComponents.Add<App>("#app");

 builder.Services.AddHttpClient("BlazorPlaygroundFun.ServerAPI", client => client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))
     .AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();

 // Supply HttpClient instances that include access tokens when making requests to the server project
 builder.Services.AddScoped(sp => sp.GetRequiredService<IHttpClientFactory>().CreateClient("BlazorPlaygroundFun.ServerAPI"));

 builder.Services.AddApiAuthorization();

 await builder.Build().RunAsync();

//startup.cs in server project:
services.AddDbContext<ApplicationDbContext>(options =>
    options.UseSqlServer(
        Configuration.GetConnectionString("DefaultConnection")));

services.AddDatabaseDeveloperPageExceptionFilter();

services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
    .AddEntityFrameworkStores<ApplicationDbContext>();

services.AddIdentityServer()
    .AddApiAuthorization<ApplicationUser, ApplicationDbContext>();

services.AddAuthentication()
    .AddIdentityServerJwt();

services.AddControllersWithViews();
services.AddRazorPages();

What is wrong here? Thank you!

Alamakanambra
  • 5,845
  • 3
  • 36
  • 43
  • Is this a duplicate of [this](https://stackoverflow.com/questions/60306175/bearer-error-invalid-token-error-description-the-issuer-is-invalid)? Else, did you check [the other questions and answers on SO](https://stackoverflow.com/search?q=+Bearer+error+invalid_token+error_description+The+issuer+is+invalid)? – JHBonarius Feb 15 '21 at 14:24
  • These questions are related, yes. But not to the blazor and not to simple app that is just template. – Alamakanambra Feb 15 '21 at 18:22
  • Has your problem been solved? Is there any progress? – Jason Pan Feb 18 '21 at 08:40

1 Answers1

0

When you log in successfully, call

var token = await TokenProvider.GetTokenAsync();

method to get jwt token.

Then in Fetch Data, bring the jwt token in header, which will solve your problem.

For more details, please check the related post.

Thanks for enet's answer.

Blazor WebAssembly 401 Unauthorized even when I am authorized

Jason Pan
  • 15,263
  • 1
  • 14
  • 29
  • Changing issuer uri seamed like a bad option. But this one isn't better - I have to edit every authorized page. I do not understand why it works only on localhost.. – Alamakanambra Feb 24 '21 at 15:22