stackoom
  简体   繁体   中英

MVC Client with Identity Server4 authentication falls into infinite Redirect loop

 原文  2021-08-20 10:12:41       c#/ .net/ cookies/ identityserver4/ setcookie

Question

I have developed Identity Server Admin which manages Client and Users and IdentityServer4 which manages Authenticating. both application developed in Asp.Net Core 3.1

Identity Sever Admin is multi tenant application as tenant name in host subdomain.

I have deployed in Azure App Service and used custom domain for both Identity Server Admin(MVC Client) and IdentityServer4

Identity Server Admin - https://tenant1.identityserveradmin.com , https://tenant2.identityserveradmin.com , https://allegion.identityserveradmin.com

IdentityServer4 - https://sts.identityserveradmin.com

in the above domains

tenant1 and tenant2 works perfectly as it get authenticate with Identity server4 and save the cookies but allegion domain doesn't save the cookie and goes into redirect loop

below is my cookie configuration in my startup.cs

services.AddAuthentication(options =>
                {
                    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                    options.DefaultChallengeScheme = AuthenticationConsts.OidcAuthenticationScheme;

                    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                    options.DefaultForbidScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                    options.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                })
                    .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme,
                        options =>
                        {
                            options.Cookie.Name = adminConfiguration.IdentityAdminCookieName;

                            options.Cookie.SameSite = SameSiteMode.None;
                            options.Cookie.HttpOnly = true;
                            options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
                            options.Events = new CookieAuthenticationEvents
                            {
                                OnSignedIn = context => OnSignedIn(context, adminConfiguration, httpContextAccessor),
                                OnSigningIn = context => OnSigningIn(context, adminConfiguration, httpContextAccessor),
                                OnValidatePrincipal = context => OnValidatePrincipal(context, adminConfiguration, httpContextAccessor)
                            };
                        })

not sure why it's happening weird any help please.

Regards, Mahendran.

1 answers

solution1
 0  2021-08-20 17:32:28

I fixed the issue myself the Client Secret was mismatching and cookies are not validated so this issue happened. now it got solved

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Connecting Xamarin client to Identity Server4 Identity Server 4 Infinite Loop Identity Server4 Unauthorized error client specific claims identity server4 using asp.net core identity Configure Swagger on AspNet Core Identity Server4 Prevent replay attack while using implicit grant in Identity server4? Identity Server4 User to select account after login Infinite login redirect loop with Google and ASP.NET Core Identity Identity Server 4 : Proper logout from MVC Client Owin app with WsFederation authentication stuck in infinite redirect loop
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM