Web API Token Authentication throws exception No authentication handler is configured to handle the scheme: Microsoft.AspNet.Identity.Application

Question

I have implemented Token Authentication for Web API using ASP.Net Core by following the solution mentioned in following post Token Based Authentication in ASP.NET Core

To implement the authentication logic, I have defined following method

public async Task<bool> AuthenticateUser(string email, string password)
{
    UserManager<ApplicationUser> _userManager = HttpContext.ApplicationServices.GetService(typeof(UserManager<ApplicationUser>)) as UserManager<ApplicationUser>;
    SignInManager<ApplicationUser> _signInManager = HttpContext.ApplicationServices.GetService(typeof(SignInManager<ApplicationUser>)) as SignInManager<ApplicationUser>;

    var result = await _signInManager.PasswordSignInAsync(email, password, isPersistent: false, lockoutOnFailure: false);

    if (result.Succeeded)
    {                
        return true;
    }
    else
    {
        return false;
    }
}

and the Post method with is invoked is

[HttpPost]        
public dynamic Post([FromBody] AuthRequest req)
{
string email = req.username;
string password = req.password;

try
{
    bool isAuthenticated = false; 

    //implement the authentication logic over here
    isAuthenticated = AuthenticateUser(email, password).Result;

    if (isAuthenticated)
    {
        DateTime? expires = DateTime.UtcNow.AddDays(2);
        var token = GetToken(req.username, expires);
        return new { authenticated = true, entityId = 1, token = token, tokenExpires = expires };
    }
}
catch (Exception ex)
{
    return new { authenticated = false, message = "Exception: " +  ex.Message, detailedmessage = ex.InnerException};
}

return new { authenticated = false };
}

Now the problem...

The Post executes fine on first call and returns the desired result, however, on second call, it throws following exception

On debugging I found that this exception is being thrown when following line is executed

var result = await _signInManager.PasswordSignInAsync(email, password, isPersistent: false, lockoutOnFailure: false);

It works fine when invoked for the first time but throws exception on all subsequent calls.

I've been searching for this issue for the past 2 days and all I find is that in Startup.cs app.UseIdentity(); should be invoked before adding the authentication middleware. It's already happeneing in my code.

Please suggest what am I missing here.

Answer 1

Resolved the issue by changing HttpContext.ApplicationServices.GetService() to HttpContext.RequestServices.GetService() in AuthenticateUser() method. My updated method is

public async Task<bool> AuthenticateUser(string email, string password)
    {                        
        UserManager<ApplicationUser> _userManager = HttpContext.RequestServices.GetService(typeof(UserManager<ApplicationUser>)) as UserManager<ApplicationUser>;
        SignInManager<ApplicationUser> _signInManager = HttpContext.RequestServices.GetService(typeof(SignInManager<ApplicationUser>)) as SignInManager<ApplicationUser>;

        var result = await _signInManager.PasswordSignInAsync(email, password, isPersistent: false, lockoutOnFailure: false);
        if (result.Succeeded)
        {                
            return true;
        }
        else
        {
            return false;
        }
    }