Okay, for the life of me, I can't get this moving... I want to essentially enable CORS on the Visual Studio 2013 SPA Template. Why? Because I want to have other clients that connect to the application via Web API, but I also want to have a fully functioning SPA website. I just wanted to get all the plumbing done up front. I would like the SPA template to continue to use cookies with OWIN as it does out of the box, but I want to be able to write a console application to hit the API directly. When I make a call to the "Token" endpoint as configured by default, my console application keeps giving me an "invalid_client".
Not sure if it matters, but I am doing this as an "Azure Cloud Service". Here is what I am doing:
- New Project -> "Azure Cloud Service"
- Add in an "ASP.NET Web Role" (WebRole1)
- Choose "Single Page Application" (Leave it as "Individual User Accounts")
- Hit OK and wait for the project to create.
- Build and run is okay. Comes up on http://localhost:49794/#
- Register a user so I can have a username and password to use.
- On the solution do an "Add New Project" to the existing solution...
- Choose a console application.
- Use HttpClient to try to connect to endpoint http://127.0.0.1:49794/Token
```
StatusCode: 400, ReasonPhrase: 'Bad Request', Version: 1.1, Content: System.Net.
Http.StreamContent, Headers:
{
Pragma: no-cache
X-SourceFiles: =?UTF-8?B?YzpcdXNlcnNcandhcmQxXGRvY3VtZW50c1x2aXN1YWwgc3R1ZGlvI
DIwMTNcUHJvamVjdHNcU1BBQ09SU1xXZWJSb2xlMVxUb2tlbg==?=
Cache-Control: no-cache
Date: Fri, 29 Aug 2014 02:28:28 GMT
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Content-Length: 26
Content-Type: application/json; charset=UTF-8
Expires: -1
}
{"error":"invalid_client"}
```
I've tried several things with EnableCors(), etc., but can't seem to find anything that works. What do I need to do on the server side to get this working alongside the normal SPA authentication?
Here is my client-side code:
```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Json;

namespace ConsoleApplication1
{
    class Program
    {
        static string baseAddress = "http://127.0.0.1:49794/";

        static void Main(string[] args)
        {
            string token = GetToken();
        }

        static string GetToken()
        {
            Console.WriteLine("Authenticating and Retrieving Bearer Token");

            // Form-encoded body for the password grant sent to the Token endpoint
            var payload = new Dictionary<string, string>();
            payload.Add("grant_type", "password");
            payload.Add("username", "myemailaddress");
            payload.Add("password", "myPassword");
            var payloadContent = new FormUrlEncodedContent(payload);

            HttpClient client = new HttpClient();
            client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

            var response = client.PostAsync(baseAddress + "Token", payloadContent).Result;
            Console.WriteLine(response);

            // Raw response body, printed below for inspection
            string token = response.Content.ReadAsStringAsync().Result;

            // Deserialize the JSON body into the OwinResponse contract
            DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(OwinResponse));
            OwinResponse orep = (OwinResponse)serializer.ReadObject(response.Content.ReadAsStreamAsync().Result);
            Console.WriteLine(token);
            return orep.access_token;
        }
    }

    // Shape of the JSON returned by the Token endpoint
    [DataContract]
    public class OwinResponse
    {
        [DataMember]
        public string access_token { get; set; }

        [DataMember]
        public string token_type { get; set; }

        [DataMember]
        public string expires_in { get; set; }
    }
}
```