Duke.Owin.VkontakteMiddleware icon indicating copy to clipboard operation
Duke.Owin.VkontakteMiddleware copied to clipboard

Published 20 hours ago verified publisher icon DukeNuken

Many "error = access_denied"

Open coronag opened this issue 8 years ago • 3 comments

I'm having issues with those : InvokeReplyPathAsync and AuthenticateCoreAsync.

1/ First issue : Sometimes but very often my redirect URI got called with parameter "error=access_denied". I see in InvokeReplyPathAsync that this means "context.Identity" is null but I didn't manage to understand why on two connect tries (same account, same context, same test in fact) I got one correct connect (no problem) and the second after for the same test I got this "context.Identity" which is null. I don't reproduce it locally or on a staging environment but only on production environment which make it harder to debug. Do you know what could make "context.Identity" to be null ? An await/async problem ? A VK api issue ? but why no exception (as if all went well but Identity still null for this issue) ?

2/ Second one : got an exception but no message :(. Kind awkward too, hard to debug. If you have ideas, much appreciated.

Thanks for the help.

coronag avatar Jun 21 '16 08:06 coronag

Found a possible response : state could be the issue. Not stored (session/cookie) or even passed to vk or even in the redirected uri.

With multiple connect at the same time : how "Options.StoreState" works ? How is it stored / retrieved through requests ?

coronag avatar Jun 23 '16 11:06 coronag

It seems that giving "state" param to VK "authorize" request resolve my issue. Vk is giving it back to the redirect uri, perfect.

coronag avatar Jun 23 '16 11:06 coronag

If you want to see with lines of code : https://github.com/sociabble/Duke.Owin.VkontakteMiddleware/commit/4cfacc320e35bd889e4262af57c407dd5ec9340a

coronag avatar Jun 23 '16 11:06 coronag