I am new to ASP.NET or C# programming. In my new assignment, I am working on adding authentication middleware, checking JWT token for validation, etc. I followed this URL to add an authentication middleware to my ASP.net application - http://odetocode.com/blogs/scott/archive/2015/01/15/using-json-web-tokens-with-katana-and-webapi.aspx
While I have been successful in getting the token generated when accessing the /token url, this has been though been possible when running only in Debug mode. If I change the build configuration to Release, accessing /token url, starts giving me 404 error.
I compared the output that shows up in the Visual Studio 2013 Output view and found extra 2 lines in the debug mode that do not show up in Release mode. The two lines are -
'MetaAPI.vshost.exe' (CLR v4.0.30319: MetaAPI.vshost.exe): Loaded 'C:\windows\Microsoft.Net\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll'. Cannot find or open the PDB file.
'MetaAPI.vshost.exe' (CLR v4.0.30319: MetaAPI.vshost.exe): Loaded 'C:\windows\Microsoft.Net\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll'. Cannot find or open the PDB file.
I do not know if these indicate the root of the problem. I added reference to System.Web and System.Web.Extensions to the project, but it did not help.
How to fix this? Any suggestion?
Most likely because of #if DEBUG condition
public class MyOAuthOptions : OAuthAuthorizationServerOptions
{
public MyOAuthOptions()
{
TokenEndpointPath = "/token";
AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(60);
AccessTokenFormat = new MyJwtFormat();
Provider = new MyOAuthProvider();
#if DEBUG // HERE
AllowInsecureHttp = true;
#endif
}
}
In Release Mode the MyOAuthOptions expect traffic over HTTPS. Just remove the #if DEBUG and #endif and keep AllowInsecureHttp = true if you test your application on local machine or insecure http.
Bear in mind though that on production environment the HTTPS is a must and above code should work just fine.