First, let me explain why my question is different from other question has already beeen asked on the site around this error. I know that the authority is down and do not want to fix it
Now, the context is this article from Microsoft
services.AddAuthorization(options =>
{
var defaultAuthorizationPolicyBuilder = new AuthorizationPolicyBuilder(
JwtBearerDefaults.AuthenticationScheme,
"AnotherJwtBearerSchemee");
defaultAuthorizationPolicyBuilder =
defaultAuthorizationPolicyBuilder.RequireAuthenticatedUser();
options.DefaultPolicy = defaultAuthorizationPolicyBuilder.Build();
});
As the default authorization policy is overridden, it's possible to use the [Authorize] attribute in controllers. The controller then accepts requests with JWT issued by the first or second issuer.
Now, the above function works, user coming with either first or second authority can successfully authenticate against my service. However - the whole authentication fails when one of the authority is down, which is frustrating since I would like to auth with either authority but ends up depending on both to be up and online
My question is that: Is there anyway to ignore exception if one of the authority fails to answer. Or if there is another way to allow the intended behaviour as quoted from the MS Doc "The controller then accepts requests with JWT issued by the first or second issuer"
That was a design decision from the development team. They are not going to change It anytime in the future. The workaround for this issue is to silence the error which will prevent the whole operation from failing. Add this piece of code to both the AddJwtBearer
options.Events = new JwtBearerEvents()
{
OnAuthenticationFailed = context =>
{
context.NoResult();
return Task.FromResult(0);
}
};