I have an application using Windows Authentication and have coded a custom method using the documentation at https://www.radzen.com/documentation/invoke-custom-method/ as an example. All is working nicely but, I've noticed a couple of quirks when running in the Radzen development environment that I am not sure how to work around.
When I run the application, Radzen launches the browser to http://localhost:8000/ and everything works perfectly.
If I leave the browser alone for a period of time (say 5 minutes) and then come back to it and straight away click on any button which runs the Invoke custom method handler, it immediately brings up a login window:
If I cancel the login box, a 401 (Unauthorized) error is logged in Chrome. It seems that if I cancel the login box and then execute anything which performs an OData call (e.g. refresh a datagrid) then something refreshes as the Invoke custom method handler starts working again. I don't think this is related to the auth token expiring as I have the TokenProviderOptions.cs in the ignore list and have the expiration set to 480 minutes.
If I run a new browser window under a different user account on my machine and navigate to the same URL, everything works perfectly except for any event handlers which Invoke custom method - all of these error with the following error:
Unfortunately we are not sure what could cause this problem. You can try debugging the security.service.ts that Radzen has generated (or add some logging code there). Basically it should refresh the token when it expires. The AccountController should use TokenProviderOptions.Expiration when generating the token.
I've debugged the security.service.ts that Radzen has generated within the Radzen environment and everything looks fine. I can see the token being passed and it isn't expired which makes sense. AccountController is picking up the same TokenProviderOptions.Expiration. As a test, I ran the code once with a Visual Studio debugger attached. When I pressed the button in my Radzen application which has the Invoke Custom method handler, the output shown in Visual Studio from a successful operation was:
I then left the website for 5 minutes and pressed the same button again. The Sign in dialog shown in my original post was displayed. The output shown in Visual Studio now shows an Authorization failure and a "Negotiate was challenged".
Then I am really out of ideas why authorization would fail. Could you try this approach to see if it makes a difference? You could then put a breakpoint in the custom middleware to see what's happening.
