search

AzureAD / azure-activedirectory-identitymodel-extensions-for-dotnet

IdentityModel extensions for .Net
MIT License
1.06k stars 401 forks source link

[Bug] OpenIdConnect issue #2579

Open davhev8619 opened 6 months ago

davhev8619 commented 6 months ago

Which version of Microsoft.IdentityModel are you using? Bug from version 7.4.0 and upwards

Where is the issue?

Is this a new or an existing app? a. The app is in production and I have upgraded to a new version of Microsoft.IdentityModel.*

Repro Use OpenIdConnect as authentication

services.AddAuthentication(options => {
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options => {
    options.Authority = "https://your-identity-provider";
    options.ClientId = "your-client-id";
    options.ClientSecret = "your-client-secret";
    options.ResponseType = "code";
    options.CallbackPath = "/signin-oidc";  // Ensure this matches the redirect URI configured in the IdP
});

Expected behavior Authentication should work

Actual behavior An unhandled exception occurred while processing the request. InvalidOperationException: Cannot redirect to the authorization endpoint, the configuration may be missing or invalid. Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties)

Stack Query Cookies Headers Routing InvalidOperationException: Cannot redirect to the authorization endpoint, the configuration may be missing or invalid. Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties) Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties) Microsoft.AspNetCore.Authentication.AuthenticationHandler.ChallengeAsync(AuthenticationProperties properties) Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, string scheme, AuthenticationProperties properties) Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler+<>c__DisplayClass0_0+<g__Handle|0>d.MoveNext() Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)

Possible solution Check difference between where it works

pmaytak commented 1 month ago

Seems to be a duplicate of #2514 - version mismatch between libraries.

@davhev8619 Does this error still happen for you? Can you try to explicitly reference Microsoft.IdentityModel.Protocols.OpenIdConnect 7.4.0 or make sure it matches with the other Microsoft.IdentityModel.* package versions.