Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] AuthorizeAttribute does not add a header to the request #946

Closed
N00mBus2000 opened this issue Jul 3, 2020 · 8 comments
Closed

[BUG] AuthorizeAttribute does not add a header to the request #946

N00mBus2000 opened this issue Jul 3, 2020 · 8 comments
Labels

Comments

@N00mBus2000
Copy link

Describe the bug

[AttributeUsage(AttributeTargets.Parameter)]
public class AuthorizeAttribute : HeaderAttribute
{
     public AuthorizeAttribute(string scheme = "Bearer")
       : base("Authorization: " + scheme) { }
}
Refit.RequestBuilderImplementation.SetHeader(HttpRequestMessage request, string name/*"Authorization: Bearer"*/, string value)
{
...
var added = request.Headers.TryAddWithoutValidation(name, value);
...
}

but:

var req = new HttpRequestMessage();
var trueResult = req.Headers.TryAddWithoutValidation("Authorization", "Bearer someValue");
var falseResult = req.Headers.TryAddWithoutValidation("Authorization: Bearer", "someValue");

Steps To Reproduce

    internal interface IAuthorizationService
    {
        [Get("/api/auth/refreshToken")]
        Task<Response<AuthToken>> RefreshTokenAsync([Authorize("Bearer")] string token);
    }

Expected behavior
Add header

Environment

  • OS: Window 10
  • Device: PC
  • Version: 10.0.19041 Build 19041
  • Working Version: .net core 3.1
@N00mBus2000 N00mBus2000 added the bug label Jul 3, 2020
@tien
Copy link

tien commented Sep 3, 2020

Yeah got the same issue

@BarsikV
Copy link
Contributor

BarsikV commented Oct 1, 2020

Please fix this, even better would be to set the authorization scheme for the whole interface, instead of each request.

@N00mBus2000
Copy link
Author

N00mBus2000 commented Oct 7, 2020

Please fix this, even better would be to set the authorization scheme for the whole interface, instead of each request.

You can use this code for the whole interface (e. g.):

    [Headers("Authorization: Bearer", "Content-Type: application/json", "Accept: application/json")]
    internal interface IDataProviderService

jamiehowarth0 added a commit that referenced this issue Oct 9, 2020
fix [BUG] AuthorizeAttribute does not add a header to the request #946
@BarsikV
Copy link
Contributor

BarsikV commented Oct 12, 2020

You can use this code for the whole interface (e. g.):

    [Headers("Authorization: Bearer", "Content-Type: application/json", "Accept: application/json")]
    internal interface IDataProviderService

Yeah, but won't it be overrided by the header on the parameter?

    [Headers("Authorization: Bearer")]
    public interface IDataProviderService
    {
        [Get("")]
        Task<DataDto> GetData([Header("Authorization")]string token);
    }

This doesn't work.
Am I doing it wrong?

@netotz
Copy link

netotz commented Jan 12, 2021

Same issue, using Xamarin Forms .NET Standard 2.1, running on Android

@bgribaudo
Copy link

bgribaudo commented Jan 19, 2021

Same issue, I believe. [Authorize("Bearer")] string token) isn't working for us.. Using that attribute does not result in any header getting set on the outbound request.

.Net Core 3.1
Refit 5.2.4

@N00mBus2000
Copy link
Author

#979

@github-actions
Copy link

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 14, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

5 participants