Azure Mobileクライアントのカスタム認証が[Authorize]属性を持つコントローラにアクセスできない

Question

Xamarin.Formsプラットフォーム上でAzure Mobile Service Clientをカスタム認証で使用しています。

.LoginAsync("custom", user)を使用してログインが、それはその値で<MobileServiceClient>.CurrentUserをフックし、自動的に非ヌルMobileAuthenticationTokenとUserIdとMobileServiceUserを返し、その中で正しく動作するように見えます。

しかし、私がCurrentUserの値を調べると、私はMobileServiceInvalidOperationException .. (Unauthorized)という応答を得ます。これはまだ同じです。

MobileServiceClientで何か不足していますか？私が理解しているのは、.CurrentUserにnull以外の値がある場合は、そのヘッダにX-ZUMO-AUTHヘッダーの値が含まれることです。

サーバーのログイン：

[Route(".auth/login/custom")] 
public class AuthController : ApiController 
{ 
    private readonly AppContext _context; 

    private readonly string 
     _singningKey = Environment.GetEnvironmentVariable("WEBSITE_AUTH_SIGNING_KEY"); 

    private readonly string 
     _audience; 

    private readonly string 
     _issuer; 

    public AuthController() 
    { 
     _context = new AppContext(); 

     var website = Environment.GetEnvironmentVariable("WEBSITE_HOSTNAME"); 
     _audience = $"https://{website}/"; 
     _issuer = $"https://{website}/"; 
    } 

    public HttpResponseMessage Post([FromBody] LoginUser body) 
    { 
     if (body?.Username == null || body.Password == null || body.Username.Length == 0 || body.Password.Length == 0) 
     { 
      return Request.CreateUnauthorizedResponse(); 
     } 

     if (!IsValidUser(body)) 
     { 
      return Request.CreateUnauthorizedResponse(); 
     } 

     var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, body.Username) }; 

     var token = AppServiceLoginHandler.CreateToken(claims, 
       _singningKey, 
       _audience, 
       _issuer, 
       TimeSpan.FromHours(24)); 

     return Request.CreateResponse(HttpStatusCode.OK, new LoginResult 
     { 
      AuthenticationToken = token.RawData, 
      User = new LoginResultUser() { UserId = body.Username } 
     }); 
    } 

    protected override void Dispose(bool disposing) 
    { 
     if (disposing) 
     { 
      _context.Dispose(); 
     } 
     base.Dispose(disposing); 
    } 

    private bool IsValidUser(LoginUser user) 
    { 
     .. this works fine 
    } 
} 

public class LoginUser 
{ 
    [JsonProperty("username")] 
    public string Username { get; set; } 
    [JsonProperty("password")] 
    public string Password { get; set; } 
} 

public class LoginResultUser 
{ 
    [JsonProperty("userId")] 
    public string UserId { get; set; } 
} 

public class LoginResult 
{ 
    [JsonProperty("authenticationToken")] 
    public string AuthenticationToken { get; set; } 
    [JsonProperty("user")] 
    public LoginResultUser User { get; set; } 
} 

クライアントログイン：

var database = new MobileServiceClient(BackendApiServerAddress); 
var result = await database.LoginAsync("custom", JObject.FromObject(user)); //this sets database.CurrentUser to a MobileServiceUser with MobileAuthenticationToken and UserId and returns the value 
await database.SyncContext.PushAsync(); // this fails 

例外：

{Microsoft.WindowsAzure.MobileServices.MobileServiceInvalidOperationException: The request could not be completed. (Unauthorized) 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceHttpClient+<ThrowInvalidResponse>d__24.MoveNext() [0x001ec] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceHttpClient+<SendRequestAsync>d__26.MoveNext() [0x000fc] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter`1[TResult].GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceHttpClient+<RequestAsync>d__18.MoveNext() [0x000fa] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter`1[TResult].GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceTable+<ReadAsync>d__20.MoveNext() [0x000a3] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter`1[TResult].GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.MobileServiceTable+<ReadAsync>d__18.MoveNext() [0x00141] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter`1[TResult].GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.Sync.PullAction+<ProcessTableAsync>d__14.MoveNext() [0x0015c] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.Sync.TableAction+<ExecuteAsync>d__29.MoveNext() [0x002a5] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.Sync.MobileServiceSyncContext+<ExecuteSyncAction>d__34.MoveNext() [0x0008e] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at Microsoft.WindowsAzure.MobileServices.Sync.MobileServiceSyncContext+<PullAsync>d__30.MoveNext() [0x0039b] in <42e24ce875d34485ad11c4f8aebb904a>:0 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() [0x0000c] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0003e] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x00028] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x00008] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at System.Runtime.CompilerServices.TaskAwaiter.GetResult() [0x00000] in <3fd174ff54b146228c505f23cf75ce71>:0 
    at FRAOffline.Backend.Database.DbContext+<SyncCustomersAsync>d__32.MoveNext() [0x00049] in C:\Users\Heather\Documents\Visual Studio 2017\Projects\FRAOffline\FRAOffline\FRAOffline\Backend\Database\Customers.DbContext.cs:83 } 

Answer 1

あなたの説明によると、カスタム認証は、クライアントユーザを検証し、authenticationTokenを生成することがありました成功しました。認証/許可の設定を確認し、要求が認証されていない場合にアクションを実行するように設定することをお勧めします。〜Azure Mobile Appの「設定>認証/承認」さらにfiddlerを利用して、await database.SyncContext.PushAsync()を呼び出すときにネットワークトレースをキャプチャすることをお勧めします。また、この問題を狭めるために、次のようにまた、あなたのテーブルコントローラに対する要求をシミュレートするために郵便配達を使用することができます。また

GET https://{your-app-name}.azurewebsites.net/tables/{table-name} 
Header x-zumo-auth:{authenticationToken} 

を、あなたもCustom AuthenticationとAuthentication in the Backendについてエイドリアン・ホールの本をたどることができます。