Hello this is my first post. I am trying v14 of Umbraco, and have been following the tutorial on how to add a custom swagger document.
Article:
https://docs.umbraco.com/umbraco-cms/tutorials/creating-a-backoffice-api/adding-a-custom-swagger-document
I created my first simple api controller "logout" and so far so good it shows up on the swagger dashboard. I authorize myself and try requesting from swagger, at first i get a 401, which i don't understand, as i am logged in as an admin.
csharp
namespace Test.Web.Controllers.Api
{
[ApiController]
[ApiVersion("1.0")]
[MapToApi("test-v1")]
[Authorize(Policy = AuthorizationPolicies.BackOfficeAccess)]
[JsonOptionsName(Constants.JsonOptionsNames.BackOffice)]
[Route("api/v{version:apiVersion}/test")]
public class LogoutController : Controller
{
private readonly INotificationService _notificationService;
private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
private readonly IHttpContextAccessor _httpContextAccessor;
public LogoutController(IBackOfficeSecurityAccessor backOfficeSecurityAccessor, INotificationService notificationService, IHttpContextAccessor httpContextAccessor)
{
_backOfficeSecurityAccessor = backOfficeSecurityAccessor;
_notificationService = notificationService;
_httpContextAccessor = httpContextAccessor;
}
[HttpPost("logout")]
[MapToApiVersion("1.0")]
[ProducesResponseType(typeof(string), StatusCodes.Status200OK)]
public IActionResult Logout()
{
IUser? user = _backOfficeSecurityAccessor?.BackOfficeSecurity?.CurrentUser;
if (user == null)
{
return Unauthorized();
}
return Ok();
}
}
}
The policy
[Authorize(Policy = AuthorizationPolicies.BackOfficeAccess)]
Does not seem to be related/assigned to my role, what am i missing ?