Open Closed

Unable to authorize apis using bearer token #6635

User avatar
0
surajlokhandemmew created

ABP Framework version: v8.0.0

UI Type: MVC but this error is while consuming api on flutter app

Database System: MongoDB

Tiered (for MVC) or Auth Server Separated (for Angular): no

Exception message and full stack trace:

when i am trying to access api using bearer token its responding with login page

Go to accepted answer
5 Answer(s)
  • User Avatar
    0
    Anjali_Musmade created
    Support Team Support Team Member

    Hi,

    Have you check this documentation https://community.abp.io/posts/consume-abp-api-from-flutter-app-adzzfnji ? please check if it helps you. if possible please give steps to reproduce or error logs.

    thanks,

  • User Avatar
    0
    surajlokhandemmew created

    Well i dont want to show webview of login page instead i am using connect/token api to get the token using below method

    ` Future<AccessToken> fetchAccessToken({
    required String username,
    required String password,
    required String grantType,
    required String clientId,
    required String clientSecret,
    required String scope,
  }) async {
    final response = await http.post(
      Uri.parse('$api/connect/token'),
      headers: <String, String>{
        'Content-Type': 'application/x-www-form-urlencoded',
      },
      body: {
        'username': username,
        'password': password,
        'grant_type': grantType,
        'client_id': clientId,
        'client_secret': clientSecret,
        'scope': scope,
      },
    );


   if (response.statusCode == 200) {
      print(response.body);
      final accessToken = AccessToken.fromJson(json.decode(response.body));
      await storeAccessToken(accessToken.accessToken, accessToken.expiresIn);
      await storeRefreshToken(accessToken.refreshToken);
      return accessToken;
    } else {
      throw Exception("Invalid username or password");
    }
  }

    and trying to authorize api using this method

    `  Future<http.Response> get(String url) async {
    String? token = await authViewModel.getValidAccessToken();
    return http.get(
      Uri.parse(url),
      headers: {
        'Authorization': 'Bearer $token',
      },
    );
  }`

    , you can try reproducing using postman just get the access token using connect/token api and use it as bearer token to access secured api it responds with login page 401 response, check screen shots

    and can i please get quick reply , this issue is delaying my deadline.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Which scope did you pass?

    Typically they should contain the following:

    address email phone roles profile offline_access <Your API resource name>

    You can find the API resource name in the Module class

  • User Avatar
    0
    surajlokhandemmew created

    Yes figured it out , is it documented anywhere??

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    ABP has no such document it is part of OpenID connect: https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims

Assignee
No one
Labels
Non yet
Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11