C#C
C#4y ago
sonodan.

❔ Authorize attribute automatically triggering oauth scheme

Hi all.

I have a login endpoint that I want to call that will trigger my authenication scheme like so:

    [HttpGet]
    [Route("login")]
    [AllowAnonymous]
    public async Task Login()
    {
      await HttpContext.ChallengeAsync(
        RedditAuthenticationDefaults.AuthenticationScheme, new AuthenticationProperties()
        {
          RedirectUri = "https://localhost:7109/api/Accounts/register"
        });
    }


I also have another endpoint, register , which has an [Authorize] attribute. I want to test that visiting the Register controller before being authenticated returns an error code, but instead it automatically triggers a challenge to my auth provider, which isn't the intended behaviour I would like. I want users only to be able to authenticate using the login end point. Is there a way to override this behaviour?

    [HttpGet]
    [Route("register")]
    [Authorize]
    public async Task Register()
    {
      // controller logic
    }
Was this page helpful?