I am trying to call a soap api that requires a bearer authorization token and a subscription key from .net core but I am getting the following exception that I don't understand.
MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was ''.
I have verified that the subscription key and token is working with SoapUI. This is the SoapUI call:
POST {{URL}} HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "{{ACTION}}"
Authorization: Bearer Tplen
Subscription-Key: {{KEY}}
Content-Length: 343
Host: {{HOST}}
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.5 (Java/12.0.1)
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="{{REPLACED}}">
<soapenv:Header/>
<soapenv:Body>
<ser:REPLACED>
<!--Optional:-->
<ser:REPLACED>VALUE</ser:REPLACED>
</ser:REPLACED>
</soapenv:Body>
</soapenv:Envelope>
This is my code to call the endpoint:
var binding = new BasicHttpsBinding();
var factory = new ChannelFactory<ITestContractChannel>(binding, new EndpointAddress(url));
factory.Endpoint.EndpointBehaviors.Add(new Test());
var channel = factory.CreateChannel();
var result = await channel.GetTestAsync("1");
Using Test endpoint behavior
public class Test : IEndpointBehavior
{
public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)
{
}
public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)
{
clientRuntime.ClientMessageInspectors.Add(new TestHeaderInspector());
}
public void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)
{
}
public void Validate(ServiceEndpoint endpoint)
{
}
}
And following code to add the headers
public class TestHeaderInspector : IClientMessageInspector
{
public void AfterReceiveReply(ref Message reply, object correlationState)
{
}
public object BeforeSendRequest(ref Message request, IClientChannel channel)
{
var httpRequestMessage = new HttpRequestMessageProperty();
httpRequestMessage.Headers.Add("Subscription-Key", key);
httpRequestMessage.Headers.Add("Authorization", "Bearer "+ token);
request.Properties.Add(HttpRequestMessageProperty.Name, httpRequestMessage);
return null;
}
}
According to the error message you provided, I think this may be because your custom headers were not successfully added to the message. I think you can try to use OperationContextScope to add custom headers. There is an example in this link. You can refer to it: