Search code examples
servicestack

How to work around a breaking change in ServiceStack.AuthDtos removing oauth_token


With the release of ServiceStack v.8.1.0, the authDtos.cs dropped the oauth_token property on the Authenticate class. I guess we were never supposed to use it and we were supposed to use AccessToken, but, alas, my company didn't know that. We built our APIs to read oauth_token in our overrides of the AuthenticateAsync. Now we can't upgrade beyond v.8.0 without an overhaul of our clients to pass AccessToken instead of oauth_token.

Is there some C# expert coding that we can apply so our clients can keep sending oauth_token to our /authenticate endpoint?


Solution

  • Your clients can still send oauth_token with old DTOs and your AuthProvider will still be able to read it off the queryString, e.g:

    var token = Request.QueryString["oauth_token"];
    

    Or support both newer clients using AccessToken and older clients using older DTOs:

    public override async Task<object> AuthenticateAsync(
        IServiceBase service, IAuthSession session, Authenticate request)
    {
        var token = request.AccessToken ?? service.Request.QueryString["oauth_token"];
    }