user3900456 user3900456 - 26 days ago 7
ASP.NET (C#) Question

No authentication handler is configured to handle the scheme

This is a very annoying problem, I'm setting up cookies authentication on my asp.net core project and sometimes this error occurs and sometimes it doesn't!

There is no pattern! It just starts throwing the error and suddenly it stops, then start again...

The exception is:


InvalidOperationException: No authentication handler is configured to
handle the scheme: MyAuthScheme


This is really really annoying!
Here is my Startup.cs

public class Startup
{
public const string AuthenticationSchemeName = "MyAuthScheme";

public void ConfigureServices(IServiceCollection services)
{
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

services.AddMvc();
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IHttpContextAccessor httpContextAccessor)
{
loggerFactory.AddConsole();

if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseBrowserLink();
}

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = AuthenticationSchemeName,
LoginPath = new PathString("/login"),
AutomaticAuthenticate = true,
AutomaticChallenge = true,
SlidingExpiration = true,
});

app.UseStaticFiles();
app.UseMvc();
}
}


And this is my authentication code:

await HttpContext.Authentication.SignInAsync(Startup.AuthenticationSchemeName, new ClaimsPrincipal(new ClaimsIdentity(claims, "Cookie")));


any help on this?

Answer

I was facing this same issue and by digging into the source code, I discovered that for some reason, sometimes the IHttpAuthenticationFeature.Handler doesn't get set, and that's the reason why this error occurs. This is indeed very annoying and I fixed this issue by doing the following:

Expose your CookieAuthenticationOptions. I did this inside my Startup class:

public static readonly CookieAuthenticationOptions cookieAuthenticationOptions = new CookieAuthenticationOptions
{
    //... your settings here
};

Then in your Configure(), it becomes:

app.UseCookieAuthentication(cookieAuthenticationOptions);

Then right before calling SignInAsync, you do:

if (HttpContext.Features.Get<IHttpAuthenticationFeature>()?.Handler == null)
{
    var handler = (AuthenticationHandler<CookieAuthenticationOptions>)Activator.CreateInstance(cookieAuthenticationHandlerType);
    await handler.InitializeAsync(Startup.cookieAuthenticationOptions, HttpContext, logger, UrlEncoder.Default);

    var feature = HttpContext.Features.Get<IHttpAuthenticationFeature>() ?? new HttpAuthenticationFeature();
    feature.Handler = handler;

    HttpContext.Features.Set(feature);
}

You also need:

private static readonly Type cookieAuthenticationHandlerType = typeof(CookieAuthenticationMiddleware).Assembly.GetType("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler");

And inject these 2 dependencies in your constructor like:

public LoginController(IHttpContextAccessor httpContextAccessor, ILoggerFactory loggerFactory)
{
    this.HttpContext = httpContextAccessor.HttpContext;
    this.logger = loggerFactory.CreateLogger(this.GetType());
}

Ps: I don't know if this is a bug or what... but I hope it gets fixed in the next release.

Comments