Dataservice call API but always Response status code does not indicate success: 401 (Unauthorized).

prof cegep 41 Reputation points
2021-09-12T12:55:45.003+00:00

Hello.

I use a DataService from client-side and when I call API it's always Response status code does not indicate success: 401 (Unauthorized)..

But when i call the very same API from the code-behind ( razor.cs) it's works #1.

I think it's related to the thhpcontext. Any suggestion?

My service :

private readonly HttpClient _httpClient;

public StageStatutDataService(HttpClient httpClient)
{
_httpClient = httpClient;
}

public async Task<IEnumerable<StageStatut>> GetAllStageStatuts()
{
return await JsonSerializer.DeserializeAsync<IEnumerable<StageStatut>>
(await _httpClient.GetStreamAsync($"api/stagestatut"), new JsonSerializerOptions() { PropertyNameCaseInsensitive = true });
}

My API :

[Authorize]
[ApiController]
[Route("api/[controller]")]
public class StageStatutController : ControllerBase
{
    private readonly IStageStatutRepository _stageStatutRepository;

    public StageStatutController(IStageStatutRepository stageStatutRepository)
    {
        _stageStatutRepository = stageStatutRepository;
    }

    [HttpGet]
    public IActionResult GetAllStageStatuts()
    {
        return Ok(_stageStatutRepository.GetAllStageStatuts());
    }
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,272 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Yijing Sun-MSFT 7,066 Reputation points
    2021-09-13T09:25:16.033+00:00

    Hi @prof cegep ,

    As far as I think,The HTTP 401 Unauthorized client error status response code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource.

    Web API provides a built-in authorization filter.This filter checks whether the user is authenticated. If not, it returns HTTP status code 401 (Unauthorized), without invoking the action. More details,you could refer to below article.

    Globally: To restrict access for every Web API controller, add the AuthorizeAttribute filter to the global filter list: 

    public static void Register(HttpConfiguration config)  
{  
    config.Filters.Add(new AuthorizeAttribute());  
}

    Controller: To restrict access for a specific controller, add the filter as an attribute to the controller: 

    // Require authorization for all actions on the controller.  
[Authorize]  
public class ValuesController : ApiController  
{  
    public HttpResponseMessage Get(int id) { ... }  
    public HttpResponseMessage Post() { ... }  
}

    Action: To restrict access for specific actions, add the attribute to the action method. 

    public class ValuesController : ApiController  
{  
    public HttpResponseMessage Get() { ... }  
  
    // Require authorization for a specific action.  
    [Authorize]  
    public HttpResponseMessage Post() { ... }  
}

    If the answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our  documentation  to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,
    Yijing Sun

    0 comments