
Issues after authentication page

Open lla23 opened this issue 8 years ago • 6 comments

I experience all sorts of issues after I have logged in with e-mail address and pw. The page sometimes doesn't come back; it's bouncing between the Microsoft authentication website and the application. Sometimes it comes back with the message "Error. We're having trouble logging you in" with no more explanation. This time I get the same with the following explanation: "IDX21323: RequireNonce is '[PII is hidden by default. Set the 'ShowPII' flag in IdentityModelEventSource.cs to true to reveal it.]'. OpenIdConnectProtocolValidationContext.Nonce was null, OpenIdConnectProtocol.ValidatedIdToken.Payload.Nonce was not null. The nonce cannot be validated. If you don't need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to 'false'. Note if a 'nonce' is found it will be evaluated.". On the other hand, I see my user name in the above right-hand menu and "Sign out" next to it, indicating I'm logged in.

lla23 avatar Apr 19 '18 10:04 lla23

This error seems to be only on the To-do List page, not on the claims page

lla23 avatar Apr 19 '18 11:04 lla23

image

lla23 avatar Apr 19 '18 11:04 lla23

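Sometimes the error is directly on the sign-up sign-in page. I found the code to continuously loop in the following:

```csharp
public void SignUpSignIn()
{
    // Use the default policy to process the sign up / sign in flow
    if (!Request.IsAuthenticated)
    {
        // Unauthenticated request: hand off to the OWIN middleware, which redirects to the B2C authorize endpoint
        HttpContext.GetOwinContext().Authentication.Challenge();
        return;
    }
    // (remainder of the method was not included in the post)
}
```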

lla23 avatar Apr 21 '18 07:04 lla23

Browser keeps bouncing on the following request, is there something wrong with it?

```
https://login.microsoftonline.com/te/mytenant.onmicrosoft.com/b2c_1_signupin/oauth2/v2.0/authorize
?client_id=b290ee9e-550a-4578-aeb7-1c8b7826b4d9
&redirect_uri=https%3A%2F%2Fauth-webapp.azurewebsites.net%2F
&response_mode=form_post
&response_type=code%20id_token
&scope=openid%20profile%20offline_access%20https%3A%2F%2Fmytenant.onmicrosoft.com%2Fdemoapinative%2Fread%20https%3A%2F%2Fmytenant.onmicrosoft.com%2Fdemoapinative%2Fwrite
&state=OpenIdConnect.AuthenticationProperties%3DJ-9H1r-E0UcLK3hPiG5f7QvEPAo2xcqXWCimSiXQF2aSLVIw7PBhe9jByunGE-7ddNrxuiRpmgtF_BhdvjEo4xP2u-xJZYoRK5Kn-XZRCIR83GtQFln5UOPGhNyxPbmkpQJszEYdQpzclIC9K4RirjgMZiq-JcfMzOaCHyGvoGfsxt4PKQvd7GIMaMnEIzw_b-22YfnHNAREM4NFiOWcO5XvEy8i7m3BePSfU90foCR2b77Q_Ae0SRQZUEYmMCpFbsbGjsdTbv5LPIsjisqqLg
&nonce=636598940997696337.ZjA2YTM5YmQtMTRjOS00OGEzLWFjNTUtZjFjZDEyMmNjYzRkMjkxMDY1OWEtY2VlNC00YzY4LTk4YjctYTZmZTNhYzE3NWQx
&x-client-SKU=ID_NET451
&x-client-ver=5.2.1.0
```

lla23 avatar Apr 21 '18 08:04 lla23

Seems like this is related to: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/915

poebrand avatar Jul 06 '18 21:07 poebrand

If your B2C policy names are actually mixed case (e.g. B2C_1_SignUpIn), you might be experiencing this. I issued pull request #119 that addresses that case.

Turbo549 avatar Dec 16 '21 21:12 Turbo549
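
A diagnostic for the symptoms in this thread, added here as an example and not code from the sample or from any commenter: it reads the authorize URLs a browser sent during one sign-in attempt, compares the policy in the path with the configured policy name to flag the mixed-case situation mentioned above, and counts distinct nonces to confirm a challenge loop. The function names, finding labels and sample URLs are constructed, and it assumes each new challenge sends a fresh nonce.

```python
from urllib.parse import urlsplit, parse_qs

def policy_in_request(url):
    """Return the policy named in a B2C authorize URL path, or None."""
    segments = [s for s in urlsplit(url).path.split("/") if s]
    # Path form seen in the thread: /te/<tenant>/<policy>/oauth2/v2.0/authorize
    if "oauth2" in segments and segments.index("oauth2") >= 2:
        return segments[segments.index("oauth2") - 1]
    return None

def inspect(urls, configured_policy):
    """Return sorted findings for one browser's captured authorize requests."""
    findings = set()
    nonces = set()
    for url in urls:
        query = parse_qs(urlsplit(url).query)
        policy = policy_in_request(url)
        if policy is None:
            findings.add("policy-not-found")
        elif policy != configured_policy:
            # Same letters, different case: the situation the last comment describes.
            same = policy.lower() == configured_policy.lower()
            findings.add("policy-case-mismatch" if same else "policy-mismatch")
        nonce = query.get("nonce", [""])[0]
        if nonce:
            nonces.add(nonce)
        else:
            findings.add("nonce-missing")
    # Assumption: every challenge carries a fresh nonce, so several distinct
    # nonces in one attempt mean the app challenged again after the callback.
    if len(nonces) > 1:
        findings.add("repeated-challenge")
    return sorted(findings)

# Constructed sample capture (placeholder tenant, client id and nonces).
BASE = ("https://login.microsoftonline.com/te/contoso.onmicrosoft.com/"
        "b2c_1_signupin/oauth2/v2.0/authorize"
        "?client_id=00000000-0000-0000-0000-000000000000"
        "&response_mode=form_post&response_type=code%20id_token&nonce=")
CAPTURE = [BASE + "1.aaa", BASE + "2.bbb", BASE + "3.ccc"]

if __name__ == "__main__":
    for finding in inspect(CAPTURE, "B2C_1_SignUpIn"):
        print(finding)
```
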