Angelinsky7 / PolicyServer

Mix with PolicyServer.Local and IdentityServer4
Apache License 2.0

Can't log in ?!! #1

Closed Walid-Abdulrazik closed 4 years ago

Walid-Abdulrazik commented 4 years ago

I tried this code and when I run the MVC client, it connects to the identity server login page, but when I enter the credentials and press log in, it returns again to the login page without errors ... If I try to enter false credentials it gives an error username and password ...

Am I missing something?

Angelinsky7 commented 4 years ago

@Walid-Abdulrazik thanks for your input and sorry for the mess. This project is a little bit not followed as I would like to (I don't have the time anymore) but I hope to have more time soon !!! I've updated the readme and corrected a URL to make it work correctly (another issue)

If you clone the project and configure it correctly it should work as expected:

  1. Port configuration :
  2. Set for each project the "Project Startup" mode, NOT the IIS
  3. Set multiple startup projects -> set Start for all 3 projects
  4. Go to http://localhost:5005, log in with a test user (Alice/Bob) and test different URLs
  5. Should work as expected.... (I hope)

Let me know!

Walid-Abdulrazik commented 4 years ago

Still not working, I guess something is wrong with the URL, have a look ...

http://localhost:5000/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5005%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520policy%2520offline_access%26response_mode%3Dform_post%26nonce%3D637178137037751610.OGNlZTFmMTQtZWRkZC00NGI1LThlMjItMmRmZmQzYmMxNTUzNTg3MThkOGQtNTUxYS00ODUzLWI2ZGQtNWQxM2I4YmExNzgx%26state%3DCfDJ8DiuKmt7yNlOjSxOkWhzsG152ZtLSElDoTyOSVWPL9OenxSE_C_sy_W-gjRTN8ho3Hkua4I3oJrvyQ8espBvzTr7fuqUqvCLTw2A8z4bipH8xb5LE-fWWIScxWig43KminaeSDj67PiIjL2Z56OlWBliE8xZfophbf19aWa4ZQKfWEE1AudQh37qYQbFwkMt0zTTi_29AYEFvSPVwzJdBHg3WB5Ve5HXrwLBns8DLEEWZtfpuH0f-SWSAt_sHDQeuogwTzzXta7SeoOzmv7CT5rZ4X5Y_1mPP1EqeXWhHtE9tnfIVqxu0lw2X-HsXfFkcj6Zy6iD438OsD2pFZF5Wyk%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D5.3.0.0

Angelinsky7 commented 4 years ago

Don't know why it's not working on your side, make sure you kill all instances before starting again... Here are my workflow's URLs (as of just now with a fresh clone) (from the network tab of Firefox)

  1. Login button -> redirection to http://localhost:5005/Home/Login?returnUrl=%2F
  2. http://localhost:5000/connect/authorize?client_id=mvc&redirect_uri=http%3A%2F%2Flocalhost%3A5005%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20policy%20offline_access&response_mode=form_post&nonce=637178139948889397.MmNhZjgxOGQtZTBlOS00N2Y3LWJhOGYtYmE4MmE2MTc3Y2VhMjE0YjhhMzEtNzVlNi00Yzg5LWFkYTktYzA1MDZmN2JjZjQy&state=CfDJ8K6aWoKMr8xMsqCqTDRgk1-nCfxdWQd39dAKARGuXB0jvGrQYmKRDBk_90sk5PSdkgwGmFZUm2tifX78kY_8rLcqxuTHBpGd_VsXq63VirAd4Pom5WFdl2hIewbzFtFWiva571ghdVSJyir049nlFgUstMpMhZfDlzOOlCgnZrNegbkOhnd1wocQJQbq0_qr7ZOlTPzo7O3JEGIzsfDD3dA17U9kBhKvo8eb06R9u_v_iAKIoalBOjCzr94HAomDp7c1PtO_sKkraqAwWsgHrig7U1dWjdl0FZZre60BkRmd&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.3.0.0
  3. http://localhost:5000/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5005%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520policy%2520offline_access%26response_mode%3Dform_post%26nonce%3D637178139948889397.MmNhZjgxOGQtZTBlOS00N2Y3LWJhOGYtYmE4MmE2MTc3Y2VhMjE0YjhhMzEtNzVlNi00Yzg5LWFkYTktYzA1MDZmN2JjZjQy%26state%3DCfDJ8K6aWoKMr8xMsqCqTDRgk1-nCfxdWQd39dAKARGuXB0jvGrQYmKRDBk_90sk5PSdkgwGmFZUm2tifX78kY_8rLcqxuTHBpGd_VsXq63VirAd4Pom5WFdl2hIewbzFtFWiva571ghdVSJyir049nlFgUstMpMhZfDlzOOlCgnZrNegbkOhnd1wocQJQbq0_qr7ZOlTPzo7O3JEGIzsfDD3dA17U9kBhKvo8eb06R9u_v_iAKIoalBOjCzr94HAomDp7c1PtO_sKkraqAwWsgHrig7U1dWjdl0FZZre60BkRmd%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D5.3.0.0
  4. redirection to http://localhost:5000/consent?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5005%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520policy%2520offline_access%26response_mode%3Dform_post%26nonce%3D637178143592500840.MTFlNzIwODctMjMxYy00YmMxLTkyYWUtZmRhZWUyMTNiZWY2YTNkMjg5YTMtM2Q1NC00YjhmLWI2ZGMtMjAyMTI0Y2NhYzU4%26state%3DCfDJ8K6aWoKMr8xMsqCqTDRgk195NOJdsT_p4koLYKAR3we5r9BrJWRpLMDH_YWxTPlLpFTmv4_XeDc32kzlY75wWqU0_XlT0yfVNaxsKnRlmTvUm4F3H2YabASFmbKmhEVowlf31xAyf7OASmlm9aygzV-Lide3GbK8GpPaYAKgL6RLtwYrqzGtYnK4bUcreLB2iX4YmhdOwlSYBphSSXp-_0R0gZ-tIttb48r5olIKKotAYi3h_DOlc5GbbOHKcrFhpUE9T9vcdqhU-Y10jryGVjAZkp1xydgtNSG4TIsuRG7n%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D5.3.0.0
  5. http://localhost:5000/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5005%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520policy%2520offline_access%26response_mode%3Dform_post%26nonce%3D637178143592500840.MTFlNzIwODctMjMxYy00YmMxLTkyYWUtZmRhZWUyMTNiZWY2YTNkMjg5YTMtM2Q1NC00YjhmLWI2ZGMtMjAyMTI0Y2NhYzU4%26state%3DCfDJ8K6aWoKMr8xMsqCqTDRgk195NOJdsT_p4koLYKAR3we5r9BrJWRpLMDH_YWxTPlLpFTmv4_XeDc32kzlY75wWqU0_XlT0yfVNaxsKnRlmTvUm4F3H2YabASFmbKmhEVowlf31xAyf7OASmlm9aygzV-Lide3GbK8GpPaYAKgL6RLtwYrqzGtYnK4bUcreLB2iX4YmhdOwlSYBphSSXp-_0R0gZ-tIttb48r5olIKKotAYi3h_DOlc5GbbOHKcrFhpUE9T9vcdqhU-Y10jryGVjAZkp1xydgtNSG4TIsuRG7n%26x-client-SKU%3DID_N
  6. http://localhost:5000/connect/authorize/callback?client_id=mvc&redirect_uri=http%3A%2F%2Flocalhost%3A5005%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20policy%20offline_access&response_mode=form_post&nonce=637178141264001440.ODhmNTc1OWEtNTQ5Yi00ODRiLWJiMDctOWM3Y2NhYjVhZDdhNDEzMGEwNDMtM2U1Ni00ZGRhLWIwM2MtNzY5NGQyMWU3NmQ4&state=CfDJ8K6aWoKMr8xMsqCqTDRgk191ARP4O2XyPT-Uom-_SQjQYzOoZOtlwcOOcQvwXwV1-W7Q4O3CD9YpEGdOmAEWKxMG4Mj6-93AjYEZM6hJNMpj7tAybzRskaUjZhQPChQr_jL5_iCHnn9utRkn1HspP8jDNZ-5mzJpqQGM_JXeoJLOutFq9k8c9s7YMt7eZickCbSKu3p9wK7kG9H-6XXjIjVO5IX0XeTiS0P5s0eC3VzSEpMd5cn_Ig13S2dsb2FRhcTCI34vIj5K06BVSqlO1mxRr8cduqWqhZorx4G008kj&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.3.0.0
  7. http://localhost:5000/consent?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5005%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520policy%2520offline_access%26response_mode%3Dform_post%26nonce%3D637178141264001440.ODhmNTc1OWEtNTQ5Yi00ODRiLWJiMDctOWM3Y2NhYjVhZDdhNDEzMGEwNDMtM2U1Ni00ZGRhLWIwM2MtNzY5NGQyMWU3NmQ4%26state%3DCfDJ8K6aWoKMr8xMsqCqTDRgk191ARP4O2XyPT-Uom-_SQjQYzOoZOtlwcOOcQvwXwV1-W7Q4O3CD9YpEGdOmAEWKxMG4Mj6-93AjYEZM6hJNMpj7tAybzRskaUjZhQPChQr_jL5_iCHnn9utRkn1HspP8jDNZ-5mzJpqQGM_JXeoJLOutFq9k8c9s7YMt7eZickCbSKu3p9wK7kG9H-6XXjIjVO5IX0XeTiS0P5s0eC3VzSEpMd5cn_Ig13S2dsb2FRhcTCI34vIj5K06BVSqlO1mxRr8cduqWqhZorx4G008kj%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D5.3.0.0
  8. Yes, Allow (requesting permission)
  9. Redirect (cannot see because too quick)
  10. Redirect to http://localhost:5005/ being logged in

And it seems to be exactly the same as yours, so I would think of a misconfiguration on your part...

Walid-Abdulrazik commented 4 years ago

I downloaded a new clone to a new directory and set the ports right like you said and set startup projects and -> debug

The flow goes as follows with Chrome:

  1. http://localhost:5005/Home/Login?returnUrl=%2F

  2. http://localhost:5000/connect/authorize?client_id=mvc&redirect_uri=http%3A%2F%2Flocalhost%3A5005%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20policy%20offline_access&response_mode=form_post&nonce=637178158350621259.ODljOWY4ZTItNTkwZi00ODc4LTlmZGEtN2NlNmFmMWYzM2U5MDMxMDk3NzMtOTc2NC00N2E0LTgzNWItYjk5Zjk2N2Y1NjA0&state=CfDJ8DiuKmt7yNlOjSxOkWhzsG1TTvMNaMgiqjTBfAb-eXT-r5WRyR9tfxrPUvSwUjz_Ki6OsLtP9mWAOkhmBysH5Xt54_p8bpI3V5NbaN9kOyCTQm6DETs4-2M1Pg82pZTOmTIr82Ci5c56h1s6hq_feP6o34iUic01d9kHtp0sZi_6ob5PFeeJ31uRvHzUMN6Vbw0uOiIy6jo0xsSepdJyAsShIzIk-Beh2eYGn5BFnyTndQtQbJYSDVFgOIKvPfd6ZPqd_WsPe39OTRVVZtjyL26Op1UWK8SEJY4txh_76rCu&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.3.0.0

  3. http://localhost:5000/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5005%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520policy%2520offline_access%26response_mode%3Dform_post%26nonce%3D637178158350621259.ODljOWY4ZTItNTkwZi00ODc4LTlmZGEtN2NlNmFmMWYzM2U5MDMxMDk3NzMtOTc2NC00N2E0LTgzNWItYjk5Zjk2N2Y1NjA0%26state%3DCfDJ8DiuKmt7yNlOjSxOkWhzsG1TTvMNaMgiqjTBfAb-eXT-r5WRyR9tfxrPUvSwUjz_Ki6OsLtP9mWAOkhmBysH5Xt54_p8bpI3V5NbaN9kOyCTQm6DETs4-2M1Pg82pZTOmTIr82Ci5c56h1s6hq_feP6o34iUic01d9kHtp0sZi_6ob5PFeeJ31uRvHzUMN6Vbw0uOiIy6jo0xsSepdJyAsShIzIk-Beh2eYGn5BFnyTndQtQbJYSDVFgOIKvPfd6ZPqd_WsPe39OTRVVZtjyL26Op1UWK8SEJY4txh_76rCu%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D5.3.0.0

  4. after i enter bob/Pass123$ and hit login it redirects to http://localhost:5000/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5005%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520policy%2520offline_access%26response_mode%3Dform_post%26nonce%3D637178158350621259.ODljOWY4ZTItNTkwZi00ODc4LTlmZGEtN2NlNmFmMWYzM2U5MDMxMDk3NzMtOTc2NC00N2E0LTgzNWItYjk5Zjk2N2Y1NjA0%26state%3DCfDJ8DiuKmt7yNlOjSxOkWhzsG1TTvMNaMgiqjTBfAb-eXT-r5WRyR9tfxrPUvSwUjz_Ki6OsLtP9mWAOkhmBysH5Xt54_p8bpI3V5NbaN9kOyCTQm6DETs4-2M1Pg82pZTOmTIr82Ci5c56h1s6hq_feP6o34iUic01d9kHtp0sZi_6ob5PFeeJ31uRvHzUMN6Vbw0uOiIy6jo0xsSepdJyAsShIzIk-Beh2eYGn5BFnyTndQtQbJYSDVFgOIKvPfd6ZPqd_WsPe39OTRVVZtjyL26Op1UWK8SEJY4txh_76rCu%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D5.3.0.0

  5. then automatically redirects to http://localhost:5000/connect/authorize/callback?client_id=mvc&redirect_uri=http%3A%2F%2Flocalhost%3A5005%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20policy%20offline_access&response_mode=form_post&nonce=637178158350621259.ODljOWY4ZTItNTkwZi00ODc4LTlmZGEtN2NlNmFmMWYzM2U5MDMxMDk3NzMtOTc2NC00N2E0LTgzNWItYjk5Zjk2N2Y1NjA0&state=CfDJ8DiuKmt7yNlOjSxOkWhzsG1TTvMNaMgiqjTBfAb-eXT-r5WRyR9tfxrPUvSwUjz_Ki6OsLtP9mWAOkhmBysH5Xt54_p8bpI3V5NbaN9kOyCTQm6DETs4-2M1Pg82pZTOmTIr82Ci5c56h1s6hq_feP6o34iUic01d9kHtp0sZi_6ob5PFeeJ31uRvHzUMN6Vbw0uOiIy6jo0xsSepdJyAsShIzIk-Beh2eYGn5BFnyTndQtQbJYSDVFgOIKvPfd6ZPqd_WsPe39OTRVVZtjyL26Op1UWK8SEJY4txh_76rCu&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.3.0.0

  6. then automatically redirects to http://localhost:5000/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A5005%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520policy%2520offline_access%26response_mode%3Dform_post%26nonce%3D637178158350621259.ODljOWY4ZTItNTkwZi00ODc4LTlmZGEtN2NlNmFmMWYzM2U5MDMxMDk3NzMtOTc2NC00N2E0LTgzNWItYjk5Zjk2N2Y1NjA0%26state%3DCfDJ8DiuKmt7yNlOjSxOkWhzsG1TTvMNaMgiqjTBfAb-eXT-r5WRyR9tfxrPUvSwUjz_Ki6OsLtP9mWAOkhmBysH5Xt54_p8bpI3V5NbaN9kOyCTQm6DETs4-2M1Pg82pZTOmTIr82Ci5c56h1s6hq_feP6o34iUic01d9kHtp0sZi_6ob5PFeeJ31uRvHzUMN6Vbw0uOiIy6jo0xsSepdJyAsShIzIk-Beh2eYGn5BFnyTndQtQbJYSDVFgOIKvPfd6ZPqd_WsPe39OTRVVZtjyL26Op1UWK8SEJY4txh_76rCu%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D5.3.0.0

I do not get any consent screens, do you have any idea what I am doing wrong?

Walid-Abdulrazik commented 4 years ago

In addition, if I go to http://localhost:5000/ and click "Click here to manage your stored grants." and enter the login page and enter the credentials, it does the same also and redirects me again to the login page. I think it is an identity server configuration issue on my side ... maybe if you delete your database "TestPolicyServer-IdentityServer-1" and try to remigrate it will help debug this issue...

Angelinsky7 commented 4 years ago

I tried to re-create the database and saw that I was missing some parameter (not sure that there was a real impact but nevertheless) and updated the seed method. I also updated the readme, to explain that you first need to start the TestIdentityServer project with a /seed parameter to correctly create the 2 users.

Can you try to update the project and try it one more time ?

Walid-Abdulrazik commented 4 years ago

Sorry for the late reply ...

It works now, I tried to access from Internet Explorer and it worked, and it turned out to be a problem with old cookies and site settings for the localhost from previous work on Chrome, which is my default browser..

My bad ...

Thanks a lot for your help ...

Can I ask one more question? How do you properly configure this server to work with a SQL database instead of the in-memory policy configuration?

Angelinsky7 commented 4 years ago

@Walid-Abdulrazik with pleasure... this is the part missing from the current form of the repo. Actually now the PolicyServer1.EntityFramework.Storage and PolicyServer1.EntityFramework projects have a lot of the code to make this work and you should manage to use AddConfigurationStore instead of AddInMemoryPolicies... but it was the next step of the development and I wanted to create some view and controller (REST API) to let the user manage the user rights... (exactly in the same way as IdentityServer). In the current state, I think it's not usable now... sorry
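
Added example, not part of the thread or of the repository: the Chrome flow posted above (Account/Login, then connect/authorize/callback, then Account/Login again with the same `state`) can be detected mechanically in a captured redirect chain, after unwrapping the double-encoded `ReturnUrl`. The function names and the shortened `state`/`nonce` values are constructed for illustration; hosts, paths and OIDC parameters are the ones shown in the thread.

```python
from urllib.parse import urlsplit, parse_qs, urlencode, quote

IDP = "http://localhost:5000"     # IdentityServer host used in the thread
CLIENT = "http://localhost:5005"  # MVC client host used in the thread

def decode_return_url(login_url):
    """Unwrap ReturnUrl of an /Account/Login URL into (path, OIDC parameters)."""
    query = parse_qs(urlsplit(login_url).query)
    wrapped = next((v[0] for k, v in query.items() if k.lower() == "returnurl"), None)
    if wrapped is None:
        return None
    inner = urlsplit(wrapped)  # parse_qs already removed one encoding layer
    return inner.path, {k: v[0] for k, v in parse_qs(inner.query).items()}

def find_login_loop(chain):
    """Return (first_login, callback, repeated_login) hop indexes, or None."""
    login_seen, callback_seen = {}, {}
    for i, url in enumerate(chain):
        parts = urlsplit(url)
        path = parts.path.lower()
        if path == "/account/login":
            inner = decode_return_url(url)
            if inner is None:
                continue
            state = inner[1].get("state")
            if state in callback_seen:
                # The callback already ran for this request, yet login is shown
                # again: the sign-in did not stick (here: stale localhost cookies).
                return login_seen[state], callback_seen[state], i
            login_seen.setdefault(state, i)
        elif path == "/connect/authorize/callback":
            state = parse_qs(parts.query).get("state", [None])[0]
            if state in login_seen:
                callback_seen.setdefault(state, i)
    return None

def sample_chain(state, loops):
    """Constructed hops shaped like the flows posted above (short state/nonce)."""
    query = urlencode({"client_id": "mvc", "redirect_uri": CLIENT + "/signin-oidc",
                       "response_type": "code id_token", "response_mode": "form_post",
                       "scope": "openid profile policy offline_access",
                       "nonce": "N-" + state, "state": state}, quote_via=quote)
    callback = "/connect/authorize/callback?" + query
    login = IDP + "/Account/Login?ReturnUrl=" + quote(callback, safe="")
    done = [IDP + "/consent?returnUrl=" + quote(callback, safe=""), CLIENT + "/"]
    return [CLIENT + "/Home/Login?returnUrl=%2F", IDP + "/connect/authorize?" + query,
            login, login, IDP + callback] + ([login] if loops else done)

if __name__ == "__main__":
    print(find_login_loop(sample_chain("S1", loops=True)))   # looping flow
    print(find_login_loop(sample_chain("S1", loops=False)))  # flow reaching consent
```

A non-`None` result says the server did not treat the browser as signed in when the callback ran; clearing the cookies and site data for both localhost ports, or retrying in a clean browser profile, separates a browser-state problem from a server configuration problem.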