question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

CoreWCF and serviceAuthorizationManager not working

See original GitHub issue

Hi,

I’m trying to assemble a .Net 6 WCF Service with CoreWCF, using a basicHttpBinding, and I’m strugling to add a service authorization manager.

My purpose is to enable WCF to read and validate bearer tokens and use OAuth. I can’t move to REST because of legacy applications compatibility, so I need to keep WCF but use bearer tokens.

I’m using following packages:

  • CoreWCF.Primitives 1.3.1
  • CoreWCF.Http 1.3.1
  • CoreWCF.ConfigurationManager 1.3.1

My service at this stage is quite simple:

[ServiceContract]
public interface IService
{
    [OperationContract]
    string GetData(int value);

    [OperationContract]
    CompositeType GetDataUsingDataContract(CompositeType composite);
}

public class Service : IService
{
    public string GetData(int value)
    {
        return string.Format("You entered: {0}", value);
    }

    public CompositeType GetDataUsingDataContract(CompositeType composite)
    {
        if (composite == null)
        {
            throw new ArgumentNullException("composite");
        }
        if (composite.BoolValue)
        {
            composite.StringValue += "Suffix";
        }
        return composite;
    }
}

// Use a data contract as illustrated in the sample below to add composite types to service operations.
[DataContract]
public class CompositeType
{
    bool boolValue = true;
    string stringValue = "Hello ";

    [DataMember]
    public bool BoolValue
    {
        get { return boolValue; }
        set { boolValue = value; }
    }

    [DataMember]
    public string StringValue
    {
        get { return stringValue; }
        set { stringValue = value; }
    }
}

My Program.cs:

  var builder = WebApplication.CreateBuilder();

builder.Services.AddServiceModelServices();
builder.Services.AddServiceModelConfigurationManagerFile("wcf.config");
builder.Services.AddServiceModelMetadata();
builder.Services.AddSingleton<IServiceBehavior, UseRequestHeadersForMetadataAddressBehavior>();

builder.Services.AddSingleton<OAuthAuthorizationManager>();

var app = builder.Build();


app.UseServiceModel(bld =>
{
   bld.AddServiceEndpoint<Service, IService>(new BasicHttpBinding(BasicHttpSecurityMode.Transport), "/Service.svc");
   var mb = app.Services.GetRequiredService<ServiceMetadataBehavior>();   
   mb.HttpsGetEnabled = true;
});
app.Run();

Then my wcf.config:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.serviceModel>
      <bindings>
        <basicHttpBinding>
          <binding name="basicBinding" receiveTimeout="00:10:00">
            <security mode="Transport" />
          </binding>
        </basicHttpBinding>
      </bindings>
      <services>
        <service name="CoreWCFService.Service" behaviorConfiguration="Default">
          <endpoint address="basic" binding="basicHttpBinding" bindingConfiguration="basicBinding" contract="CoreWCFService.IService"  />       
        </service>
      </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="Default">
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceMetadata httpGetEnabled="true" />
          <serviceAuthorization serviceAuthorizationManagerType="CoreWCFService.OAuthAuthorizationManager,CoreWCFService" />
          <dataContractSerializer maxItemsInObjectGraph="10000000" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    </system.serviceModel>
</configuration>

But when I call the service with tokens, nothing happens on the authorization manager, the operation runs simply ignoring this service behavior.

Is there anyone out there that can help me with this?

Issue Analytics

  • State:closed
  • Created 7 months ago
  • Comments:6

github_iconTop GitHub Comments

1reaction
pacojonescommented, Feb 13, 2023

@g7ed6e thanks for your tip, you’ve nailed it, it is working like a charm!

1reaction
g7ed6ecommented, Feb 13, 2023

@pacojones I think you can remove the cookie middleware in this scenario. Is your access_token a jwt ? if so you should inspect the “scope” claim and check the existence of a configured scope.

Read more comments on GitHub >

github_iconTop Results From Across the Web

WCFCore and serviceAuthorizationManager not working
But when I call the service with tokens, nothing happens on the authorization manager, the operation runs simply ignoring this service behavior.
Read more >
Port ServiceAuthorizationBehavior class · Issue #91
Does that code need to be ported or is the one in CoreWCF ok? ... in implies it works and this has a...
Read more >
Introducing ASP.NET Core Authorization support and ...
Introduction The latest release of CoreWCF will bring support of ASP.NET Core Authorization to allow developers to use ASP.
Read more >
Create a Custom Authorization Manager for a Service - WCF
An authorization manager examines the claims in the AuthorizationContext to make authorization decisions. By default, authorization decisions ...
Read more >
ServiceAuthorizationManager Class (System.ServiceModel)
This class does not perform any authorization and allows users to access all service operations. To provide more restrictive authorization, you must create...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found