Ocelot
Ocelot copied to clipboard
ThreeMammals
Unable to start Ocelot, errors are: Authentication Options AuthenticationProviderKey:TestKey,AllowedScopes:[] is unsupported authentication provider
Expected Behavior / New Feature
Ocelot starts and works with IdentityServer4 Authentication
Actual Behavior / Motivation for New Feature
Ocelot crashes with:
Unable to start Ocelot, errors are: Authentication Options AuthenticationProviderKey:TestKey,AllowedScopes:[] is unsupported authentication provider
Steps to Reproduce the Problem
- Follow the steps for IdentityServer 4 Config looks like:
{
"DownstreamPathTemplate": "/{everything}",
"DownstreamScheme": "https",
"DownstreamHostAndPorts": [
{
"Host": "localhost",
"Port": 44309
}
],
"UpstreamPathTemplate": "/{everything}",
"UpstreamHttpMethod": [ "Get", "Post" ],
"AuthenticationOptions": {
"AuthenticationProviderKey": "TestKey",
"AllowedScopes": []
}
}
Startup:
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
//services.AddControllers();
ConfigureIdentityServer(services);
services.AddOcelot();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseStaticFiles();
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
//app.UseEndpoints(endpoints =>
//{
// endpoints.MapControllers().RequireAuthorization();
//});
app.UseOcelot().Wait();
}
private void ConfigureIdentityServer(IServiceCollection services)
{
//IdentityServerConfig identityServerConfig = new IdentityServerConfig();
//Configuration.Bind("IdentityServerConfig", identityServerConfig);
var authenticationProviderKey = "TestKey";
services.AddAuthentication()
.AddIdentityServerAuthentication(authenticationProviderKey, options =>
{
options.RequireHttpsMetadata = false;
options.Authority = $"http://localhost:5000";
options.ApiName = "api1";
}
);
}
Program
public class Program
{
public static void Main(string[] args)
{
Log.Logger = new LoggerConfiguration()
.Enrich.FromLogContext()
.MinimumLevel.Debug()
.WriteTo.Console(
LogEventLevel.Verbose,
"{NewLine}{Timestamp:HH:mm:ss} [{Level}] ({CorrelationToken}) {Message}{NewLine}{Exception}")
.CreateLogger();
try
{
CreateHostBuilder(args).Build().Run();
}
finally
{
Log.CloseAndFlush();
}
}
public static IWebHostBuilder CreateHostBuilder(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.ConfigureAppConfiguration((hostingContext, config) =>
{
config
.SetBasePath(hostingContext.HostingEnvironment.ContentRootPath)
.AddJsonFile("ocelot.json")
.AddEnvironmentVariables();
})
.ConfigureServices(s =>
{
s.AddOcelot();
s.AddMvc();
})
.ConfigureLogging((hostingContext, logging) =>
{
//add your logging
logging.AddSerilog();
})
.Configure(a =>
{
a.UseOcelot().Wait();
});
}
- Run the application
Specifications
- Version: Ocelot 13.8.0
- Platform: .Net Core 3.0 on Windows 10 x64
- Subsystem:
Would you mind sharing a repro of this issue so we can investigate what's going wrong here?
I had this issue because of my appsettings.<environment>.json file wasn't getting imported properly so therefore the ocelot had no matching configuration. I was importing my config as an ExpandoObject and c# didn't like that one of my properties was an array. So I changed it from an array to a serialzed string array and my code was happy.
In my case, I called the wrong .AddJwtBearer without the provider key like this:
services.AddAuthentication()
.AddJwtBearer(x =>
{
x.Authority = "test";
x.Audience = "test";
});
Should have been
services.AddAuthentication()
.AddJwtBearer("TestKey", x =>
{
x.Authority = "test";
x.Audience = "test";
});
@jawand, nope :) I am currently switched to another project that is not using Ocelot.
I've run into this issue as well.
Following the example in the Ocelot docs produces this error for me
I manged to solve this. For me, I had configuration in both Startup.cs and Program.cs. It wasn't using my Startup.cs for the Ocelot config. If your following the samples then the configuration for authentication needs to be under the .ConfigureServices part of the WebHostBuilder e.g. in Program.cs Main method:
new WebHostBuilder()
.UseKestrel()
.UseContentRoot(Directory.GetCurrentDirectory())
.ConfigureAppConfiguration((hostingContext, config) =>
{
config
.SetBasePath(hostingContext.HostingEnvironment.ContentRootPath)
.AddJsonFile("appsettings.json", true, true)
.AddJsonFile($"appsettings.{hostingContext.HostingEnvironment.EnvironmentName}.json", true, true)
.AddJsonFile("ocelot.json", false, true)
.AddEnvironmentVariables();
})
.ConfigureServices(services =>
{
void Options(IdentityServerAuthenticationOptions o)
{
o.Authority = authenticationServerBaseAddress;
o.ApiName = ServiceClientId;
o.SupportedTokens = SupportedTokens.Both;
o.ApiSecret = ServiceSecret;
}
services.AddAuthentication()
.AddIdentityServerAuthentication(authenticationProviderKey, Options);
services.AddOcelot();
})
.ConfigureLogging((hostingContext, logging) =>
{
//add your logging TODO
})
.UseIISIntegration()
.Configure(app =>
{
app.UseOcelot().Wait();
})
.Build()
.Run();
I found it useful to actually take a copy of the code so I could debug through it then it made more sense what it was doing and why it wasn't picking up my authentication config
Hope this helps someone !
I had it too because my SymmetricSecurityKey does not loaded correctly from database in ConfigureServices() method.
@BorisSokolov commented on Sep 10, 2020:
@jawand, nope :) I am currently switched to another project that is not using Ocelot.
Орёл ты - Соколов! Орёл!
The author doesn't care!
Misconfiguration issue of the startup code where required authentication provider was not registered!