-
-
Notifications
You must be signed in to change notification settings - Fork 482
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Empty string reading Httpcontext body from x-www-form-urlencoded POST #2072
Comments
Hey @paolo8417,
It is, indeed: the OpenIddict validation handler natively supports extracting access tokens from the standard Out of curiosity, what are you trying to achieve? Cheers. |
Hi Kevin, Thank you for your reply. I need to validate a signature based on raw formURL-encoding post for a controller action. I wouldn't want to enable buffering by default for all controllers. What do you think is the best solution to achieve this? |
One way to solve that would be to write a tiny middleware calling Alternatively, if you never send the access token in the request form, you can prevent OpenIddict from calling services.AddOpenIddict()
.AddValidation(options =>
{
options.RemoveEventHandler(OpenIddictValidationAspNetCoreHandlers.ExtractAccessTokenFromBodyForm.Descriptor);
}); (I'm considering adding new properties in |
OpenIddict 5.6.0 introduced the ability to disable access token extraction from the Authorization header, the body form or the query string without having to remove the event handler. E.g: services.AddOpenIddict()
.AddValidation(options =>
{
options.UseAspNetCore()
.DisableAccessTokenExtractionFromBodyForm();
}); |
Confirm you've already contributed to this project or that you sponsor it
Version
4.x
Describe the bug
Hi,
when I try to get the raw body of a x-www-form-urlencoded POST controller anonymous action I get an empty string.
If I comment app.UseAuthentication() from Program.cs I can read the body correctly, so I think this is something related to OpenIddict.
I tried in my project both version 4.x and 5.x. I try also with a simple template app, and the behavior is the same (net 6.0).
Thank you
To reproduce
Controller:
Program.cs
Exceptions (if any)
No response
The text was updated successfully, but these errors were encountered: