azure-activedirectory-identitymodel-extensions-for-dotnet icon indicating copy to clipboard operation
azure-activedirectory-identitymodel-extensions-for-dotnet copied to clipboard

Published 20 hours ago verified publisher icon AzureAD

[Bug] OpenIdConnect issue

Open davhev8619 opened this issue 3 months ago • 0 comments

Which version of Microsoft.IdentityModel are you using? Bug from version 7.4.0 and upwards

Where is the issue?

  • [ ] M.IM.JsonWebTokens

  • Other (please describe)

Is this a new or an existing app? a. The app is in production and I have upgraded to a new version of Microsoft.IdentityModel.*

Repro Use OpenIdConnect as authentication

services.AddAuthentication(options => {
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options => {
    options.Authority = "https://your-identity-provider";
    options.ClientId = "your-client-id";
    options.ClientSecret = "your-client-secret";
    options.ResponseType = "code";
    options.CallbackPath = "/signin-oidc";  // Ensure this matches the redirect URI configured in the IdP
});

Expected behavior Authentication should work

Actual behavior An unhandled exception occurred while processing the request. InvalidOperationException: Cannot redirect to the authorization endpoint, the configuration may be missing or invalid. Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties)

Stack Query Cookies Headers Routing InvalidOperationException: Cannot redirect to the authorization endpoint, the configuration may be missing or invalid. Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties) Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties) Microsoft.AspNetCore.Authentication.AuthenticationHandler<TOptions>.ChallengeAsync(AuthenticationProperties properties) Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, string scheme, AuthenticationProperties properties) Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler+<>c__DisplayClass0_0+<<HandleAsync>g__Handle|0>d.MoveNext() Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)

Possible solution Check difference between <PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="7.3.1" /> where it works

davhev8619 avatar May 02 '24 12:05 davhev8619