Stack Overflow Asked by JoeD on January 29, 2021
I have an ASP.NET Core Web API 3 app that implements a REST API and uses a JWT bearer token for authorization, and Swagger (Swashbuckle).
My controller has the [Authorize] filter on it, like:
[ApiController]
[Route("api/[controller]")]
[Authorize]
public class MyController : ControllerBase
{
}
Swagger works with my API, and I can generate a JWT token and give to Swagger and it all works well.
But if I try to use Swagger to hit one of my REST endpoints without a JWT token or invalid JWT token, the Swagger UI is showing an error 401 Undocumented, but all the examples I see out on the web show that I should be getting 401 Unauthorized.
(When I hit the same URL with Postman, it does show 401 Unauthorized.)
Before I start ripping out things, any ideas why I might be getting Undocumented instead of Unauthorized?
This is what I see:
When I add the attribute suggested below
(ProducesResponseType(typeof(ProblemDetails), (int)HttpStatusCode.Unauthorized)])
I see this:
Maybe it is late but I was into this problem so know I answer that.
It shows Undocumented because there is no bearer keyword exist in start point of you Authorization header. probably your header is something like this:
Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJNb3N0YWZhOTEiLCJqdGkiOiIzNGEzNjQwNC1iZWNjLTRhMmMtOGJkZi01ZDc1ZTBiY2QwZGIiLCJJZCI6IjEiLCJleHAiOjE2MTAyNDcyMTUsImlzcyI6Im1vaGFtYWRyYXZhZWkuaW5mbyIsImF1ZCI6Im1vaGFtYWRyYXZhZWkuaW5mbyJ9.0_kKI7F12o62A_QUZ38U9KVbBpnQMyO7kGcqBZzU4AU
so you should change it to:
Authorization:
**Bearer** eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJNb3N0YWZhOTEiLCJqdGkiOiIzNGEzNjQwNC1iZWNjLTRhMmMtOGJkZi01ZDc1ZTBiY2QwZGIiLCJJZCI6IjEiLCJleHAiOjE2MTAyNDcyMTUsImlzcyI6Im1vaGFtYWRyYXZhZWkuaW5mbyIsImF1ZCI6Im1vaGFtYWRyYXZhZWkuaW5mbyJ9.0_kKI7F12o62A_QUZ38U9KVbBpnQMyO7kGcqBZzU4AU
Actually the postman set the bearer at first of Token and If you set Bearer but the Token is deprecated then the status code is going to show Unauthorized code.
Answered by ravaei on January 29, 2021
You can add app.UseStatusCodePages() in the Startup.cs.
This will then return a response body of Response Body
Answered by Gareth Hodgson on January 29, 2021
Could you please try with below attribute in the action method,
[ProducesResponseType(typeof(ProblemDetails), (int)HttpStatusCode.Unauthorized)]
Answered by Anupam Maiti on January 29, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP