Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Consider adding more flexibility to Jwt[Bearer]Handler #18320
I was looking for a way to add an alternative authentication scheme to aspnetcore app:
Since JwtBearerHandler insists to look for "Bearer" token regardless of keyword set in Options.Challenge I was forced to add my own JWT handler.
Steps to reproduce:
It is correct that the workaround mentioned above may be used to assign anything from the request as a token, however it comes with multiple problems:
Above code leads to:
When we remove the explicit scheme name from the controller definition we get an another one:
The only way it may work is that we pretend that we want to use "Bearer" scheme when in fact we fetch token from another scheme:
However the workaround above is limited to one scheme only, it is not possible to register multiple authe schemes using the workaround above - the code below results in runtime exception:
Hello, it did the trick indeed. The only downside I observerved so far is that the OnMessageReceived handler is being called twice. Thanks for a piece of advice.