
Identity server 3 remember me not working when we give “/identity” path

I have done much research and reading on this issue and finally found that the issue is related to the Identity Server URL. We have given "/Identity" to path (app.Map("/identity", idsrvApp =>) and the remember me is not working. If we remove it, it works. Since the application is in production and there are many clients that depend on this URL, it's not easy to change this and make it work.

Is there any other option by which we can make it work?

Here are the Identity Server settings:

    public void Configuration(IAppBuilder app)
    {
        app.UseCors(CorsOptions.AllowAll);
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {

            AuthenticationType = "Cookies",
            ExpireTimeSpan = new TimeSpan(0, 30, 0),
            SlidingExpiration = true
        });

        app.Map("/identity", idsrvApp =>
        {
            var corsPolicyService = new DefaultCorsPolicyService()
            {
                AllowAll = true
            };
            var idServerServiceFactory = new IdentityServerServiceFactory();

            idServerServiceFactory.ConfigureUserService("Context");
            idServerServiceFactory.CorsPolicyService = new
                Registration<IdentityServer3.Core.Services.ICorsPolicyService>(corsPolicyService);
            // use custom ViewService
            idServerServiceFactory.ViewService = new Registration<IViewService, CustomViewService>();
            idServerServiceFactory.ScopeStore = new Registration<IScopeStore, ScopeStore>();
            idServerServiceFactory.ClientStore = new Registration<IClientStore, ClientStore>();
            var options = new IdentityServerOptions
            {
                Factory = idServerServiceFactory,
                SiteName = "Login",
                IssuerUri = ConfigurationManager.AppSettings["issuerUri"],
                PublicOrigin = ConfigurationManager.AppSettings["Origin"],
                SigningCertificate = LoadCertificate(),
                AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions()
                {
                    CookieOptions = new CookieOptions()
                    {
                        AllowRememberMe = true,
                        SecureMode = CookieSecureMode.Always,
                        RememberMeDuration = TimeSpan.FromDays(30),
                        SlidingExpiration = true
                    },
                    EnablePostSignOutAutoRedirect = true,
                    LoginPageLinks = new List<LoginPageLink>(){
                        new LoginPageLink() {
                             Href = "forgotpassword",
                             Text = "Reset Your Password",
                             Type = "forgotpassword"
                        }
                   }
                }
            };
            idsrvApp.UseIdentityServer(options);
        });
    }
    X509Certificate2 LoadCertificate()
    {
        return new X509Certificate2(
            string.Format(@"{0}\certificates\idsrv3test.pfx",
            AppDomain.CurrentDomain.BaseDirectory), "idsrv3test");
    }

Here are some of the posts where Brock Allen and LeastPrivilege have responded, but no solution has been provided. These issues have the same problem.

https://github.com/IdentityServer/IdentityServer3/issues/3693

and

https://github.com/IdentityServer/IdentityServer3/issues/2426

Finally, I have found the answer. When we give "/identity" for our Identity Server route, the cookie is generated for the path "/identity", and this is the reason why the remember me is not working.

To fix this, we have to set the cookie path to Path = "/" in CookieOptions, like below:

    app.Map(
        "/identity",
        coreApp =>
        {
            var factory =
                new IdentityServerServiceFactory()
                    .UseInMemoryClients(Clients.Get())
                    .UseInMemoryScopes(Scopes.Get());
            factory.ViewService = new Registration<IViewService, IdentityCustomViewService>();

            factory.Register(new Registration<CustomIdentityDbContext>(resolver => HttpContext.Current.GetOwinContext().Get<CustomIdentityDbContext>()));

            factory.Register(new Registration<CustomUserManager>(resolver => HttpContext.Current.GetOwinContext().GetUserManager<CustomUserManager>()));

            factory.Register(new Registration<CustomAspNetIdentityUserService>(x => new CustomAspNetIdentityUserService(x.Resolve<CustomUserManager>())));

            factory.Register(new Registration<UserManager<CustomIdentityUser, int>>(x => x.Resolve<CustomUserManager>()));

            factory.UserService = new Registration<IUserService>(x => x.Resolve<CustomAspNetIdentityUserService>());

            coreApp.UseIdentityServer(
                new IdentityServerOptions
                {
                    SiteName = "Identity Server",
                    SigningCertificate = Cert.Load(),
                    Factory = factory,
                    RequireSsl = true,
                    AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions
                    {
                        IdentityProviders = ConfigureIdentityProviders,
                        EnablePostSignOutAutoRedirect = true,
                        CookieOptions = new IdentityServer3.Core.Configuration.CookieOptions()
                        {
                            AllowRememberMe = true,
                            SecureMode = CookieSecureMode.Always,
                            RememberMeDuration = TimeSpan.FromDays(30),
                            IsPersistent = false,
                            Path = "/"
                        },
                    }
                });
        });
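
Added example (not part of the original post or of IdentityServer3): the RFC 6265 path-match rules a browser applies when deciding whether a stored cookie accompanies a request, run against a cookie scoped to "/identity" and one scoped to "/". It shows that the match is case-sensitive and stops at "/" boundaries, and that Path = "/" makes the browser send the cookie to every application on the same host. The cookie name, header values and request paths are constructed for illustration.

```javascript
// Added example: the RFC 6265 section 5.1.4 rules a browser uses to decide
// whether a stored cookie accompanies a request. All header values are constructed.

// Default cookie path when Set-Cookie carries no usable Path attribute.
function defaultPath(requestPath) {
  const i = requestPath.lastIndexOf("/");
  return i <= 0 ? "/" : requestPath.slice(0, i);
}

// Minimal Set-Cookie parser: keeps only what matters for scope and lifetime.
function parseSetCookie(header, setByPath) {
  const [nameValue, ...attrs] = header.split(";").map((s) => s.trim());
  const cookie = {
    name: nameValue.slice(0, nameValue.indexOf("=")),
    path: defaultPath(setByPath),
    persistent: false, // session cookie unless Expires or Max-Age is present
  };
  for (const attr of attrs) {
    const i = attr.indexOf("=");
    const key = (i === -1 ? attr : attr.slice(0, i)).trim().toLowerCase();
    const val = i === -1 ? "" : attr.slice(i + 1).trim();
    if (key === "path" && val.startsWith("/")) cookie.path = val;
    if (key === "expires" || key === "max-age") cookie.persistent = true;
  }
  return cookie;
}

// Path-match is a case-sensitive prefix test that only succeeds on a "/" boundary.
function pathMatch(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Which of the given request paths would receive the cookie?
function sentTo(header, setByPath, requestPaths) {
  const cookie = parseSetCookie(header, setByPath);
  return requestPaths.filter((p) => pathMatch(p, cookie.path));
}

// Constructed sample data (cookie name and paths are hypothetical).
const SCOPED = "auth=constructed; Path=/identity; Max-Age=2592000; Secure; HttpOnly";
const ROOT = "auth=constructed; Path=/; Max-Age=2592000; Secure; HttpOnly";
const PATHS = ["/identity/connect/authorize", "/identity", "/Identity/login",
  "/identityadmin", "/app/home"];

console.log(sentTo(SCOPED, "/identity/login", PATHS));
console.log(sentTo(ROOT, "/identity/login", PATHS));
```
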
