
IdentityServer3 connect/token endpoint always returns 401: unauthorized

I am trying to set up IdentityServer3 for my project.

When I run IdentityServer3 on my local development machine it all works fine, but when I host it on the shared server I get a 401 error. I am trying to get a token using the connect/token endpoint. Here is the configuration for IdentityServer3:

IdentityServerOptions identityServerOptions = new IdentityServerOptions
{
    SiteName = "Ripple IdentityServer",
    SigningCertificate = LoadCertificate(),
    AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions
    {
        EnablePostSignOutAutoRedirect = true,
    },
    LoggingOptions = new LoggingOptions
    {
        EnableWebApiDiagnostics = true,
        WebApiDiagnosticsIsVerbose = true,
        EnableHttpLogging = true,
        EnableKatanaLogging = true
    },

    Factory = factory,
};

The strange thing is I am not getting any logs. I know the logs are working because when I access the connect/authorize endpoint, I can see log information. Here is my client registration

client = new Client
{
    ClientId = app.Id,
    ClientName = app.Name,
    Flow = Flows.ResourceOwner,
    AllowedScopes = app.AllowedScopes.Split(';').ToList(),
    AllowedCorsOrigins = new List<string> { "*" }
};
if (app.Secret != null && app.Secret != "")
{
    client.ClientSecrets = new System.Collections.Generic.List<Secret>();
    app.Secret = app.Secret.Replace("{", "").Replace("}", "");

    string[] secrets = app.Secret.Split(',');
    foreach (var s in secrets)
    {
        client.ClientSecrets.Add(new Secret(s.Sha256()));
    }
}

Here is the client code to get access token

var data = new StringContent(
    string.Format("grant_type=password&username={0}&password={1}&Domain={2}&scope={3}",
        HttpUtility.UrlEncode(username),
        HttpUtility.UrlEncode(password),
        HttpUtility.UrlEncode(domainId),
        HttpUtility.UrlEncode(requiredScope)),
    Encoding.UTF8, "application/x-www-form-urlencoded");

client.DefaultRequestHeaders.Authorization =
    new AuthenticationHeaderValue(
        "Basic",
        Convert.ToBase64String(
            System.Text.ASCIIEncoding.ASCII.GetBytes(
                string.Format("{0}:{1}", applicationId, appSecretKey))));

HttpResponseMessage response = client.PostAsync("connect/token", data).Result;

Without logs, I am totally lost. Where should I look for more information to debug?

Found the solution. Shared hosting like GoDaddy did not support Basic authentication, so the request for an access token was getting rejected at the server level. That was the reason why no log files were getting generated.

To work around this problem, I had to implement my own version of ISecretParser. In this implementation I parsed my own authentication header,

e.g. Authentication MyAuth ClientID:ClientSecret

Then I registered this parser with IdentityServerServiceFactory and it worked like a charm.

I hope this solution will help others who are trying to host IdentityServer3 on shared servers.
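
A sketch of the kind of parser the answer describes, added here as an illustration and not the poster's actual code. It assumes the credentials arrive in the `Authorization` header under a `MyAuth` scheme as a plain `ClientID:ClientSecret` pair; the class name, the scheme prefix and the length cap are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using IdentityServer3.Core;
using IdentityServer3.Core.Models;
using IdentityServer3.Core.Services;
using Microsoft.Owin;

// Hypothetical parser for "Authorization: MyAuth ClientID:ClientSecret".
// The pair is not encoded, so the secret is only protected by HTTPS.
public class MyAuthSecretParser : ISecretParser
{
    private const string Prefix = "MyAuth ";  // assumed scheme name
    private const int MaxLength = 200;        // assumed cap on id and secret length

    public Task<ParsedSecret> ParseAsync(IDictionary<string, object> environment)
    {
        // A null result means "nothing found here", so the next
        // registered parser gets its turn.
        var notFound = Task.FromResult<ParsedSecret>(null);

        var header = new OwinContext(environment).Request.Headers.Get("Authorization");
        if (string.IsNullOrWhiteSpace(header) ||
            !header.StartsWith(Prefix, StringComparison.OrdinalIgnoreCase))
            return notFound;

        var pair = header.Substring(Prefix.Length).Trim();
        var ix = pair.IndexOf(':');           // split on the first colon only
        if (ix <= 0 || ix == pair.Length - 1)
            return notFound;                  // missing id or missing secret

        var clientId = pair.Substring(0, ix);
        var secret = pair.Substring(ix + 1);
        if (clientId.Length > MaxLength || secret.Length > MaxLength)
            return notFound;                  // reject oversized input early

        return Task.FromResult(new ParsedSecret
        {
            Id = clientId,
            Credential = secret,
            // Lets the stock shared-secret validators compare against
            // the Sha256-hashed ClientSecrets from the question.
            Type = Constants.ParsedSecretTypes.SharedSecret
        });
    }
}

// Registration on the factory from the question (IdentityServer3.Core.Configuration):
// factory.SecretParsers.Add(new Registration<ISecretParser, MyAuthSecretParser>());
```

The client then sends `new AuthenticationHeaderValue("MyAuth", applicationId + ":" + appSecretKey)` in place of the Basic header. A client ID containing a colon cannot be expressed in this format.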
