Advanced authorization plugin cannot post request to tokens/validate

Hi everyone, I’m using Orthanc 1.12.0 on Windows and its advanced authorization plugin.
The doc seems straightforward but I somehow cannot connect Orthanc (with the plugin) with my auth server. The auth is written in .NET 6. The POST requests seem to never actually hit my server so I am not sure what goes wrong here.

When I try to turn on verbose log,

I0607 23:35:50.541811 HttpServer.cpp:1262] (http) GET /instances
I0607 23:35:50.541811 PluginsManager.cpp:161] (plugins) Testing whether access to system "/instances" is allowed with a resource token
I0607 23:35:50.542812 PluginsManager.cpp:161] (plugins) New HTTP request to: http://localhost:5020/respository/orthanc/tokens/validate (timeout: 10s)
I0607 23:35:50.546812 PluginsManager.cpp:161] (plugins) HTTP status code 400 in 2 ms after POST request on: http://localhost:5020/respository/orthanc/tokens/validate
E0607 23:35:50.546812 PluginsManager.cpp:153] Error in HTTP request, received HTTP status 400 (Bad Request) after POST request on: http://localhost:5020/respository/orthanc/tokens/validate
E0607 23:35:50.546812 PluginsManager.cpp:153] Bad request

I wonder what Orthanc and the plugin sent? Because if I manually send a POST without a body, it returns 415. And if I send it with any body (even with { }, for testing purposes), my /tokens/validate API would return 200 OK with

{
    "granted": true,
    "validity": 5
}

My config is (somewhat copied from here)

{
    "Authorization": {
        "WebServiceTokenValidationUrl" : "http://my-auth-server/tokens/validate",
        "TokenHttpHeaders" : [ "Authorization" ],
        "TokenGetArguments": [ "Authorization" ],
        "StandardConfigurations" : [
            "osimis-web-viewer",
            "stone-webviewer",
            "orthanc-explorer-2"
        ],
        "CheckedLevel": "studies",
        "Permissions" : [...]
    }
}

Really appreciate all your help… Where should I look for leads next? I’m a bit clueless now. Thank you in advance!

Hi,

I can only recommend you to dump the payload you receive on your webservice side before it is being processed or parsed by your framework.

FYI, the structure of the payload is defined here

class TokenValidationRequest(BaseModel):
    dicom_uid: Optional[str] = Field(alias="dicom-uid", default=None)
    orthanc_id: Optional[str] = Field(alias="orthanc-id", default=None)
    token_key: Optional[str] = Field(alias="token-key", default=None)
    token_value: Optional[str] = Field(alias="token-value", default=None)
    server_id: Optional[str] = Field(alias="server-id", default=None)
    level: Optional[Levels]
    method: Methods
    uri: Optional[str]

HTH,

Alain.

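One way to follow the advice above and look at the body before any framework binds it, as an added example that is not part of the thread or of Orthanc: a stand-alone stub that can listen in place of the auth server, records what arrives on the validation URL, and always answers with a denial. The port comes from the log above and the field names from the quoted model; `inspect_payload`, `DumpHandler` and the report keys are hypothetical names, and the stub assumes the request carries a Content-Length header.

```python
import json
import logging
from http.server import BaseHTTPRequestHandler, HTTPServer

log = logging.getLogger("token-validate-dump")

# JSON field names (aliases) from the TokenValidationRequest model quoted above.
KNOWN_FIELDS = {"dicom-uid", "orthanc-id", "token-key", "token-value",
                "server-id", "level", "method", "uri"}


def inspect_payload(raw: bytes, content_type: str) -> dict:
    """Describe a request body exactly as received, before any model binding."""
    report = {"content_type": content_type, "length": len(raw)}
    try:
        body = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError) as exc:
        report.update(valid_json=False, error=str(exc), raw=repr(raw[:200]))
        return report
    if not isinstance(body, dict):
        report.update(valid_json=True, error="top-level JSON is not an object")
        return report
    # Keep the token itself out of the log; its presence is all we need to see.
    redacted = {k: ("<redacted>" if k == "token-value" and v else v)
                for k, v in body.items()}
    report.update(valid_json=True, body=redacted,
                  unknown_fields=sorted(set(body) - KNOWN_FIELDS),
                  absent_fields=sorted(KNOWN_FIELDS - set(body)))
    return report


class DumpHandler(BaseHTTPRequestHandler):
    def do_POST(self):
        raw = self.rfile.read(int(self.headers.get("Content-Length") or 0))
        report = inspect_payload(raw, self.headers.get("Content-Type", ""))
        log.info("%s %s", self.path, json.dumps(report))
        # Deny by default: this stub is for inspection, not for granting access.
        reply = json.dumps({"granted": False, "validity": 0}).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(reply)))
        self.end_headers()
        self.wfile.write(reply)


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    # Port taken from the log above; bound to loopback only.
    HTTPServer(("127.0.0.1", 5020), DumpHandler).serve_forever()
```

Comparing `absent_fields` and `unknown_fields` in the logged report against the request model on the real auth server shows whether the names the server binds match the hyphenated names in the payload.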