Benutzerdefinierte Azure Mobile Client-Authentifizierung für Zugriff auf Controller mit Attribut [Autorisieren]

Question

Ich verwende Azure Mobile Service Client mit benutzerdefinierter Autorisierung auf Xamarin.Forms Plattform.

Die Login .LoginAsync("custom", user) mit scheint korrekt zu arbeiten, dass sie ein MobileServiceUser mit Nicht-Null-MobileAuthenticationToken und UserId zurückkehren und automatisch nach oben hakt die <MobileServiceClient>.CurrentUser mit diesem Wert.

Wenn ich jedoch versuche, eine weitere Anfrage (sofort bei der Anmeldung) zu erhalten, bekomme ich eine MobileServiceInvalidOperationException .. (Unauthorized) Antwort, wenn ich den CurrentUser Wert überprüfen - es ist immer noch gleich.

Fehle ich etwas mit der MobileServiceClient? Mein Verständnis ist, dass, wenn es einen Nicht-Null-Wert für .CurrentUser hat, dann wird das in den Kopfzeilen als X-ZUMO-AUTH Header enthalten.

Server Login:

[Route(".auth/login/custom")] 
public class AuthController : ApiController 
{ 
    private readonly AppContext _context; 

    private readonly string 
     _singningKey = Environment.GetEnvironmentVariable("WEBSITE_AUTH_SIGNING_KEY"); 

    private readonly string 
     _audience; 

    private readonly string 
     _issuer; 

    public AuthController() 
    { 
     _context = new AppContext(); 

     var website = Environment.GetEnvironmentVariable("WEBSITE_HOSTNAME"); 
     _audience = $"https://{website}/"; 
     _issuer = $"https://{website}/"; 
    } 

    public HttpResponseMessage Post([FromBody] LoginUser body) 
    { 
     if (body?.Username == null || body.Password == null || body.Username.Length == 0 || body.Password.Length == 0) 
     { 
      return Request.CreateUnauthorizedResponse(); 
     } 

     if (!IsValidUser(body)) 
     { 
      return Request.CreateUnauthorizedResponse(); 
     } 

     var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, body.Username) }; 

     var token = AppServiceLoginHandler.CreateToken(claims, 
       _singningKey, 
       _audience, 
       _issuer, 
       TimeSpan.FromHours(24)); 

     return Request.CreateResponse(HttpStatusCode.OK, new LoginResult 
     { 
      AuthenticationToken = token.RawData, 
      User = new LoginResultUser() { UserId = body.Username } 
     }); 
    } 

    protected override void Dispose(bool disposing) 
    { 
     if (disposing) 
     { 
      _context.Dispose(); 
     } 
     base.Dispose(disposing); 
    } 

    private bool IsValidUser(LoginUser user) 
    { 
     .. this works fine 
    } 
} 

public class LoginUser 
{ 
    [JsonProperty("username")] 
    public string Username { get; set; } 
    [JsonProperty("password")] 
    public string Password { get; set; } 
} 

public class LoginResultUser 
{ 
    [JsonProperty("userId")] 
    public string UserId { get; set; } 
} 

public class LoginResult 
{ 
    [JsonProperty("authenticationToken")] 
    public string AuthenticationToken { get; set; } 
    [JsonProperty("user")] 
    public LoginResultUser User { get; set; } 
} 

Client Login:

var database = new MobileServiceClient(BackendApiServerAddress); 
var result = await database.LoginAsync("custom", JObject.FromObject(user)); //this sets database.CurrentUser to a MobileServiceUser with MobileAuthenticationToken and UserId and returns the value 
await database.SyncContext.PushAsync(); // this fails 

Ausnahme:

{Microsoft.WindowsAzure.MobileServices.MobileServiceInvalidOperationException: The request could not be completed. (Unauthorized) 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceHttpClient+<ThrowInvalidResponse>d__24.MoveNext() [0x001ec] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceHttpClient+<SendRequestAsync>d__26.MoveNext() [0x000fc] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter`1[TResult].GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceHttpClient+<RequestAsync>d__18.MoveNext() [0x000fa] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter`1[TResult].GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceTable+<ReadAsync>d__20.MoveNext() [0x000a3] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter`1[TResult].GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceTable+<ReadAsync>d__18.MoveNext() [0x00141] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter`1[TResult].GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.Sync.PullAction+<ProcessTableAsync>d__14.MoveNext() [0x0015c] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.Sync.TableAction+<ExecuteAsync>d__29.MoveNext() [0x002a5] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.Sync.MobileServiceSyncContext+<ExecuteSyncAction>d__34.MoveNext() [0x0008e] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.Sync.MobileServiceSyncContext+<PullAsync>d__30.MoveNext() [0x0039b] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at FRAOffline.Backend.Database.DbContext+<SyncCustomersAsync>d__32.MoveNext() [0x00049] in C:\Users\Heather\Documents\Visual Studio 2017\Projects\FRAOffline\FRAOffline\FRAOffline\Backend\Database\Customers.DbContext.cs:83 } 

Answer 1

Nach Ihrer Beschreibung, Ihre benutzerdefinierte Authentifizierung könnte die Client-Benutzer validieren und erzeugen die authenticationToken erfolgreich. Ich empfehle Ihnen, die Authentifizierungs-/Autorisierungseinstellungen zu überprüfen und sicherzustellen, dass die Aktion Aktion, wenn Anfrage nicht authentifiziert wird bis Anfrage zulassen (keine Aktion) unter "EINSTELLUNG> Authentifizierung/Autorisierung" Ihrer Azure Mobile App erlaubt. Außerdem würde ich Ihnen empfehlen, fiddler zu verwenden, um die Netzwerkablaufverfolgungen beim Aufrufen von await database.SyncContext.PushAsync() zu erfassen. Darüber hinaus könnten Sie auch Postbote verwenden, um die Anfrage an den Tisch Controller zu simulieren, um dieses Problem zu verengen folgt:

GET https://{your-app-name}.azurewebsites.net/tables/{table-name} 
Header x-zumo-auth:{authenticationToken} 

Darüber hinaus könnten Sie auch Adrian Hall Buch folgen über Custom Authentication und Authentication in the Backend.