Azure / static-web-apps

Azure Static Web Apps. For bugs and feature requests, please create an issue in this repo. For community discussions, latest updates, kindly refer to the Discussions Tab. To know what's new in Static Web Apps, visit https://aka.ms/swa/ThisMonth
https://aka.ms/swa
MIT License

Stuck in a redirect loop while trying to login with AAD in Static Web App with staticwebapp.config.json #1228

Open maxkonyukh opened 1 year ago

maxkonyukh commented 1 year ago

Hello,

We are using Static Web App for a small internal admin resource. It is written with the latest version of React and Typescript. For authentication we are using configuration in staticwebapp.config.json. Here is the content of this file:

{
  "routes": [
    {
      "route": "/logout",
      "rewrite": "/.auth/logout"
    },
    {
      "route": "/login",
      "rewrite": "/.auth/login/aad?post_login_redirect_uri=.referrer"
    },
    {
      "route": "/.auth/*",
      "allowedRoles": [
        "anonymous",
        "authenticated"
      ]
    },
    {
      "route": "/*",
      "allowedRoles": ["authenticated"]
    }
  ],
  "platform": {
    "apiRuntime": "node:16"
  },
  "navigationFallback": {
    "rewrite": "/index.html",
    "exclude": [
      "/.auth/*",
      "/static/*",
      "/asset-manifest.json"
    ]
  },
  "auth": {
    "identityProviders": {
      "azureActiveDirectory": {
        "registration": {
          "openIdIssuer": "https://login.microsoftonline.com/805bc25d-8e64-4ed6-8d24-3883c9068c5a/v2.0",
          "clientIdSettingName": "AAD_CLIENT_ID",
          "clientSecretSettingName": "AAD_CLIENT_SECRET"
        }
      }
    }
  },
  "responseOverrides": {
    "401": {
      "statusCode": 302,
      "redirect": "/login"
    }
  }
}

The authentication does seem to work for desktop browsers and it also protects the whole application. I can get clientPrincipal information by going to /.auth/me; however, the problem that I am facing is the redirect loop which goes on until it just fails at the end and the loop stops. I guess some browsers suppress this because I can only see this problem in the console for Edge, for example. In the mobile Safari browser on my iPhone I actually can't login and I keep getting redirected to the login screen. The same goes for desktop Firefox.

And when the loop in Firefox stops I get this:

image

I guess it's related to this issue #297 but none of the suggestions helped me to resolve it on my end.

This is the screenshot of my network tab:

image

This is the screenshot of my console tab in desktop Edge:

image

Worth mentioning that this route is probably to blame:

    {
      "route": "/*",
      "allowedRoles": ["authenticated"]
    }

because if I remove the wildcard * the redirect issue goes away. However, my assumption was that by adding this route in front it would ignore everything that is related to /.auth:

    {
      "route": "/.auth/*",
      "allowedRoles": [
        "anonymous",
        "authenticated"
      ]
    },

I will appreciate any help :)

nathans-tgd commented 1 year ago

Did you ever resolve this? I'm having the same issue....

hmih commented 10 months ago

I'm hitting this as well

hmih commented 10 months ago

@maxkonyukh how did you solve the issue?

hmih commented 9 months ago

GitHub issues have a lower response rate than Tinder

FraserMuir commented 8 months ago

Just had this issue too @hmih - you need to tick the ID Tokens checkbox:

image

dschmittwilken commented 7 months ago

> Just had this issue too @hmih - you need to tick the ID Tokens checkbox:
>
> image

I am having the same issue with those redirects even with id tokens being checked. My config is as follows:

{
  "trailingSlash": "auto",
  "routes": [
    {
      "route": "/.auth/login/aad/callback",
      "allowedRoles": ["anonymous", "authenticated"]
    },
    {
      "route": "/login",
      "rewrite": "/.auth/login/aad",
      "allowedRoles": ["anonymous", "authenticated"]
    },
    {
      "route": "/logout",
      "redirect": "/.auth/logout",
      "allowedRoles": ["anonymous", "authenticated"]
    },
    {
      "route": "/.auth/complete",
      "allowedRoles": ["anonymous", "authenticated"]
    },
    {
      "route": "/*",
      "allowedRoles": ["authenticated"]
    }
  ],
  "responseOverrides": {
    "401": {
      "statusCode": 302,
      "redirect": "/.auth/login/aad"
    }
  }
}

thkn-hofa commented 7 months ago

Having exactly the same problem with the following staticwebapp.config.json:

{
    "auth": {
        "identityProviders": {
            "azureActiveDirectory": {
                "registration": {
                    "openIdIssuer": "https://login.microsoftonline.com/<correct tenant id>/v2.0",
                    "clientIdSettingName": "AZURE_CLIENT_ID",
                    "clientSecretSettingName": "AZURE_CLIENT_SECRET"
                }
            }
        }
    },
    "navigationFallback": {
      "rewrite": "/index.html"
    },
    "routes": [
        {
            "route": "/login",
            "rewrite": "/.auth/login/aad",
            "allowedRoles": ["anonymous", "authenticated"]
        },
        {
            "route": "/.auth/login/github",
            "statusCode": 404
        },
        {
            "route": "/.auth/login/twitter",
            "statusCode": 404
        },
        {
            "route": "/logout",
            "redirect": "/.auth/logout",
            "allowedRoles": ["anonymous", "authenticated"]
        },
        {
            "route": "/.auth/*",
            "allowedRoles": ["anonymous","authenticated"]
        },
        {
            "route": "/*",
            "allowedRoles": ["authenticated"]
        }
    ],
    "responseOverrides": {
        "401": {
            "redirect": "/.auth/login/aad",
            "statusCode": 302
        }
    },
    "globalHeaders": {
        "Cache-Control": "no-cache"
    }
}

rjadhav-web commented 7 months ago

Had the same issue; the secret used in the app setting was incorrect.

thkn-hofa commented 7 months ago

@rjadhav-web you see the <correct tenant id> for openIdIssuer... Yeah, that wasn't correct. Thanks for pointing me in the right direction.

I probably registered over 100 app registrations but for some reason, I chose to use the subscription Id instead of the tenant Id... Lost hours on that little screw-up.

hitec-lbmc commented 7 months ago

I am having the exact issue as @thkn-hofa and @dschmittwilken. My staticwebapp.config.json also looks very similar. I can confirm that my tenant Id is correct.

Can anyone from MS share some insight on what might be causing this redirect loop? I guess it might be some settings in Azure AD but that is not my area of expertise.

thkn-hofa commented 7 months ago

> I am having the exact issue as @thkn-hofa and @dschmittwilken. My staticwebapp.config.json also looks very similar. I can confirm that my tenant Id is correct.
>
> Can anyone from MS share some insight on what might be causing this redirect loop? I guess it might be some settings in Azure AD but that is not my area of expertise.

Try removing the 401 redirection settings (responseOverrides) and then navigate to 'https://yourwebsite/.auth/complete'. If that shows a 401 page, it's probably your auth settings.

dschmittwilken commented 7 months ago

> > I am having the exact issue as @thkn-hofa and @dschmittwilken. My staticwebapp.config.json also looks very similar. I can confirm that my tenant Id is correct. Can anyone from MS share some insight on what might be causing this redirect loop? I guess it might be some settings in Azure AD but that is not my area of expertise.
>
> Try removing the 401 redirection settings (responseOverrides) and then navigate to 'https://yourwebsite/.auth/complete'. If that shows a 401 page, it's probably your auth settings.

Didn't try that, yet. But when using browser incognito mode I don't get that redirect loop. I also deleted cookies completely already, but on a normal browser I still get the error. Besides, the infinite loop doesn't block the login itself.

dschmittwilken commented 7 months ago

> > I am having the exact issue as @thkn-hofa and @dschmittwilken. My staticwebapp.config.json also looks very similar. I can confirm that my tenant Id is correct. Can anyone from MS share some insight on what might be causing this redirect loop? I guess it might be some settings in Azure AD but that is not my area of expertise.
>
> Try removing the 401 redirection settings (responseOverrides) and then navigate to 'https://yourwebsite/.auth/complete'. If that shows a 401 page, it's probably your auth settings.

Removing the override, I could see that one file of the static site generated by hugo tries to query a file called "site.webmanifest"; no idea what this is, but I will probably just exclude this from the redirect, or perhaps I need to add it to my site. Will analyze this. Thank you very much! So in my case the problem is solved!

Updated auth config (could even get rid of the other login routes):

{
  "trailingSlash": "auto",
  "routes": [
    {
      "route": "/site.webmanifest",
      "allowedRoles": ["anonymous", "authenticated"]
    },
    {
      "route": "/*",
      "allowedRoles": ["authenticated"]
    }
  ],
  "responseOverrides": {
    "401": {
      "statusCode": 302,
      "redirect": "/.auth/login/aad"
    }
  }
}