
Fix frontend WebAPI auth always failing in ApiAuthenticationService #679

Draft
Copilot wants to merge 2 commits into develop from copilot/fix-webapi-authentication-issue

Copilot AI commented Apr 26, 2026

IsApiFrontAuthenticated() always returned false because it checked for [Authorize(AuthenticationSchemes = "FrontAuthentication")] on the endpoint metadata — but no web store endpoints carry that attribute.

Changes

  • ApiAuthenticationService.IsApiFrontAuthenticated(): Replace the endpoint metadata inspection with an actual AuthenticateAsync(FrontendAPIConfig.AuthenticationScheme) call. If the JWT was signed with the frontend secret key, the scheme handler validates it and returns success.
  • Method signature changed from bool to async Task<bool>; call site updated to await.
  • Removed now-unused Microsoft.AspNetCore.Authorization import.

// Before — always false; no endpoints have [Authorize(AuthenticationSchemes = "FrontAuthentication")]
private bool IsApiFrontAuthenticated()
{
    var endpoint = _httpContextAccessor.HttpContext.GetEndpoint();
    if (endpoint == null) return false;
    var authorizeAttributes = endpoint.Metadata.GetOrderedMetadata<AuthorizeAttribute>();
    return authorizeAttributes.Any(attr => attr.AuthenticationSchemes?.Contains(FrontendAPIConfig.AuthenticationScheme) == true);
}

// After — succeeds when the bearer token is a valid FrontendAPI JWT
private async Task<bool> IsApiFrontAuthenticated()
{
    var authResult = await _httpContextAccessor.HttpContext.AuthenticateAsync(FrontendAPIConfig.AuthenticationScheme);
    return authResult.Succeeded;
}

ASP.NET Core caches auth results per request, so the subsequent AuthenticateAsync call inside ApiCustomer() incurs no extra overhead.
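
The two checks from the description above, side by side in a minimal host, as an added example that is not part of the pull request or GrandNode's code. It assumes a .NET 8 web project with implicit usings and the Microsoft.AspNetCore.Authentication.JwtBearer package; the "AdminAuthentication" scheme, the keys and the routes are constructed for the demo.

```csharp
// Added example, not GrandNode code. Keys, routes and the second scheme are constructed.
using System.Text;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.IdentityModel.JsonWebTokens;
using Microsoft.IdentityModel.Tokens;

var frontKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("constructed-front-demo-key-0123456789abcdef"));
var adminKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("constructed-admin-demo-key-0123456789abcdef"));

// Same validation rules for both schemes; only the signing key differs.
TokenValidationParameters Rules(SecurityKey key) => new()
{
    ValidateIssuer = false, ValidateAudience = false,   // off only to keep the demo small
    ValidateLifetime = true, ValidateIssuerSigningKey = true,
    IssuerSigningKey = key
};

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthentication()
    .AddJwtBearer("FrontAuthentication", o => o.TokenValidationParameters = Rules(frontKey))
    .AddJwtBearer("AdminAuthentication", o => o.TokenValidationParameters = Rules(adminKey));
var app = builder.Build();

// Demo-only token mint so the check can be exercised locally: /token/front or /token/admin.
app.MapGet("/token/{kind}", (string kind) => new JsonWebTokenHandler().CreateToken(new SecurityTokenDescriptor
{
    Expires = DateTime.UtcNow.AddMinutes(5),
    SigningCredentials = new SigningCredentials(kind == "admin" ? adminKey : frontKey, SecurityAlgorithms.HmacSha256)
}));

// This endpoint carries no [Authorize] attribute, like the web store endpoints in the PR.
app.MapGet("/check", async (HttpContext ctx) =>
{
    // Old check: asks what the endpoint declares and never looks at the token.
    var byMetadata = ctx.GetEndpoint()?.Metadata.GetOrderedMetadata<AuthorizeAttribute>()
        .Any(a => a.AuthenticationSchemes?.Contains("FrontAuthentication") == true) ?? false;
    // New check: runs the scheme handler, which verifies signature and lifetime.
    var front = await ctx.AuthenticateAsync("FrontAuthentication");
    if (front.Failure is not null)
        app.Logger.LogWarning("Front scheme rejected token: {Reason}", front.Failure.Message);
    return Results.Ok(new { byMetadata, byAuthenticate = front.Succeeded });
});

app.Run();
```

Calling /check with a bearer token from /token/front yields byAuthenticate true, while a token from /token/admin or no token yields false; byMetadata is false in every case because the endpoint declares no scheme.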

…int metadata

Agent-Logs-Url: https://github.com/grandnode/grandnode2/sessions/8cd5622c-507d-4e12-9bec-6ba9d652cf52

Co-authored-by: KrzysztofPajak <16772986+KrzysztofPajak@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Fix frontend webapi auth always failing" to "Fix frontend WebAPI auth always failing in ApiAuthenticationService" Apr 26, 2026
Copilot AI requested a review from KrzysztofPajak April 26, 2026 14:15

Development

Successfully merging this pull request may close these issues.

Frontend webapi auth always fails.
