I have a Web API which worked perfectly in .Net Core 1.1 but has stopped working in .Net 2.0. The problem appears to be related to authentication, because I only get it when I try to access endpoints that have the [Authorize] action. I am using Auth0 as my authentication server. To clarify, I didn't upgrade the project, but rather created a new ASP .Net Core 2.0 project, and imported the files from the old project to the new project. This is the error I get as soon as I try to access any restricted endpoint (using Postman):
<body><h1>An unhandled exception occurred while processing the request.</h1><div class="titleerror">UriFormatException: Invalid URI: The hostname could not be parsed.</div><p class="location">System.Uri.CreateThis(string uri, bool dontEscape, UriKind uriKind)</p><div class="titleerror">IOException: IDX10804: Unable to retrieve document from: 'https:///.well-known/openid-configuration'.</div><p class="location">Microsoft.IdentityModel.Protocols.HttpDocumentRetriever+<GetDocumentAsync>d__8.MoveNext()</p><div class="titleerror">InvalidOperationException: IDX10803: Unable to obtain configuration from: 'https:///.well-known/openid-configuration'.</div><p class="location">Microsoft.IdentityModel.Protocols.ConfigurationManager+<GetConfigurationAsync>d__24.MoveNext()</p>
I know there were some breaking changes specifically in the Authorization domain, involving moving some things from Configure to ConfigureServices and vice versa, which I did. This is what my Startup.cs looks like:
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
var corsBuilder = new CorsPolicyBuilder();
corsBuilder.AllowAnyHeader();
corsBuilder.AllowAnyMethod();
corsBuilder.AllowAnyOrigin(); // For anyone access.
corsBuilder.AllowCredentials();
services.AddCors(options =>
{
options.AddPolicy("SiteCorsPolicy", corsBuilder.Build());
});
var config = new AutoMapper.MapperConfiguration(cfg =>
{
cfg.AddProfile(new AutoMapperProfileConfiguration());
});
var mapper = config.CreateMapper();
services.AddSingleton(mapper);
services.AddMvc();
services.AddDbContext<InspectionsContext>(options =>
options.UseMySql(Configuration.GetConnectionString("InspectionsDatabase")));
services.Configure<Auth0Settings>(Configuration.GetSection("Auth0"));
services.AddAuthentication(options =>
{
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.Audience = Configuration["Auth0:Audience"];
options.Authority = $"https://{Configuration["Auth0:Domain"]}/";
options.RequireHttpsMetadata = false;
});
services.AddSingleton<IConfiguration>(Configuration);
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new Info { Title = "My API", Version = "v1" });
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseCors("SiteCorsPolicy");
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseSwagger();
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("/swagger/v1/swagger.json", "Inspections API V1");
});
app.UseAuthentication();
app.UseStaticFiles();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
Any ideas?