Unable to obtain configuration from IdentityServer4
Question
Welcome, It is my first try of using Docker containers to host to services. I have two services: Integrity-Identity and Integrity-API .
Integrity-Identity is using the latest version of IdentityServer4. Here is Integrity-Identity Startup.cs configuration:
public IServiceProvider ConfigureServices(IServiceCollection services) {
services.AddDbContext<IntegrityIdentityContext>(options =>
options.UseSqlServer(Configuration["connectionString"]));
services.AddIdentity<ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores<IntegrityIdentityContext>()
.AddDefaultTokenProviders();
services.AddMvc();
services.AddIdentityServer(options => {
options.IssuerUri = null;
})
.AddSigningCredential(Certificate.Certificate.Get())
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients())
.AddAspNetIdentity<ApplicationUser>()
.AddCorsPolicyService<InMemoryCorsPolicyService>();
RegisterEventBus(services);
services.AddTransient<Seeder>();
var container = new ContainerBuilder();
container.Populate(services);
return new AutofacServiceProvider(container.Build());
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env) {
if (env.IsDevelopment()) {
app.UseDeveloperExceptionPage();
}
app.UseCors(builder => builder.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod().AllowCredentials());
app.UseIdentityServer();
ConfigureEventBus(app);
app.UseMvcWithDefaultRoute();
}
Here is Integrity-API Startup class:
public IServiceProvider ConfigureServices(IServiceCollection services) {
services.AddDbContext<IntegrityApiContext>(options =>
options.UseSqlServer(Configuration["secrets:connectionString"]));
services.AddMvcCore()
.AddAuthorization()
.AddJsonFormatters();
services.AddAuthentication("Bearer")
.AddIdentityServerAuthentication(options =>
{
options.Authority = Configuration["IdentityUrl"];
options.ApiName = "integrity_api";
options.RequireHttpsMetadata = false;
});
services.AddCors(options => {
options.AddPolicy("CorsPolicy",
builder => builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
});
var container = new ContainerBuilder();
container.Populate(services);
return new AutofacServiceProvider(container.Build());
}
docker-compose.override.yml (I am attaching it but I do not know is this importent for this problem)
integrity.identity:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://0.0.0.0:443
- ASPNETCORE_HTTPS_PORT=443
- EventBusConnection=rabbitmq
ports:
- "5105:443"
volumes:
- ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro
integrity.api:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443
- ASPNETCORE_HTTPS_PORT=443
- EventBusConnection=rabbitmq
- IdentityUrl=https://integrity.identity
- ApiUrl=https://integrity.api
ports:
- "5115:443"
volumes:
- ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro
When I am trying to get resource from controller with [Authorize] property and with generated token, Identity-API returns this:
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://integrity.identity/.well-known/openid-configuration'.
at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
at IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationHandler.HandleAuthenticateAsync() in C:\local\identity\server4\AccessTokenValidation\src\IdentityServerAuthenticationHandler.cs:line 61
at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Edit 1
I forgot to add the /.well-known/openid-configuration works in browser and certificate/https is correct and working without any warnings.
1 answers
solution1
3 ACCPTED 2018-11-30 19:47:47
I found solution for this issue. The problem was caused for self signed local certificate. For local development I only need to change from HTTPS to HTTP. And that was it.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
IdentityServer4: Unable to obtain configuration from: 'https://myServer/.well-known/openid-configuration
IdentityServer4 IDX20803: Unable to obtain configuration from: 'System.String'
IdentityServer4 within Docker container - Exception IDX20803: Unable to obtain configuration from: 'System.String'
Obtain IsPersistent setting from IdentityServer4 openIdConnect
IdentityServer4 Configuration Issue
IdentityServer4 How does oidc know where to redirect to from configuration
IDX20803: Unable to obtain configuration from: 'https://localhost/IdentityServer/Core/.well-known/openid-configuration'
Unable to build IdentityServer4 on Windows 10 machine
Accessing IdentityServer4 Introspection from .NET 4.5
Issue a new claim from ChallengeResult() in IdentityServer4
Related Tags