DuendeSoftware / Support

Support for Duende Software products
Access token not generated through HttpContext.SignInAsync method #1282

Closed PrabuLK closed 3 weeks ago

PrabuLK commented 1 month ago

Which version of Duende IdentityServer are you using? 6.1.7

Which version of .NET are you using? 4.6

Describe the bug: I have created 2 solutions; one is for the Identity server and another one is the client application.

In the Identity server I have created the login page. Once the user is authenticated using the custom authentication, the user will be redirected to the client application, and in the client application I need to get the access token which will be used for further API calls.

The method below is in the Identity server to authenticate and generate the token.

    public async Task<IActionResult> ValidateLogin(LoginModel model)
    {
        var result = new LoginService().Authenticate(model);

        if (result.Result.Content.ToString() == "Success")
        {
            //var claims = new Claim[] { new Claim("sub", "unique_id_for_user") };
            //var identity = new ClaimsIdentity(claims, "pwd");
            //var user = new ClaimsPrincipal(identity);
            //await HttpContext.SignInAsync(user);

            var claims = new List<Claim>()
            {
                new Claim(ClaimTypes.NameIdentifier, Convert.ToString(1)),
                new Claim(ClaimTypes.Name, "Prabu LK"),
                new Claim(ClaimTypes.Role, "Admin"),
                new Claim("sub", "unique_id_for_user")
            };
            var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            var principal = new ClaimsPrincipal(identity);
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, new AuthenticationProperties()
            {
                IsPersistent = true
            });

            return Redirect("https://localhost:5002/Index");
        }

        return Redirect("https://localhost:5002/Error");
    }

In the Program.cs file I added the code below.

    builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(x => x.LoginPath = "/account/login");

In the client application the CSHTML content below is added.

    @page
    @model IndexModel

    @using Microsoft.AspNetCore.Authentication

    <h2>Claims</h2>

    @if (User.Identity.IsAuthenticated)
    {
        <dl>
            @foreach (var claim in User.Claims)
            {
                <dt>@claim.Type</dt>
                <dd>@claim.Value</dd>
            }
        </dl>

        <h2>Properties</h2>

        <dl>
            @foreach (var prop in (await HttpContext.AuthenticateAsync()).Properties!.Items)
            {
                <dt>@prop.Key</dt>
                <dd>@prop.Value</dd>
            }
        </dl>
    }

A clear and concise description of what the bug is. The condition if(User.Identity.IsAuthenticated) always returns false, and I couldn't get the access token using await HttpContext.AuthenticateAsync(); it throws an "object reference not set to an instance of an object" error.

A clear and concise description of what you expected to happen. I want to know if the approach which I am trying is correct, and why the access token is not generated. Am I missing something?

PrabuLK commented 1 month ago

I am getting something like this in the cookie. Is this the access token? But when I try to decode it using base64 it shows some invalid content.

RolandGuijt commented 1 month ago

SignInAsync doesn't create a token nor does it return it. It sets the session cookie.

I have the feeling you have some fundamental knowledge gaps around how the flow is supposed to work. If so the best way to fill these gaps is to follow along with our QuickStarts. To get the best possible understanding I would recommend doing them all.
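
An added example, not code from this thread or from Duende: a client `Program.cs` that obtains the access token through the ASP.NET Core OpenID Connect handler, since `SignInAsync` on the IdentityServer side only sets that server's session cookie. The authority URL, client id, secret, scope name and the `/token-info` endpoint are assumptions, as is an IdentityServer login page that returns the user to the pending authorize request instead of redirecting straight to the client.

```csharp
// Client application Program.cs. Added example; values marked "assumed" are placeholders.
// Requires the Microsoft.AspNetCore.Authentication.OpenIdConnect package.
using Microsoft.AspNetCore.Authentication;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddRazorPages();

builder.Services.AddAuthentication(options =>
    {
        options.DefaultScheme = "Cookies";        // the client's own session cookie
        options.DefaultChallengeScheme = "oidc";  // anonymous users are sent to IdentityServer
    })
    .AddCookie("Cookies")
    .AddOpenIdConnect("oidc", options =>
    {
        options.Authority = "https://localhost:5001"; // assumed IdentityServer base URL
        options.ClientId = "web";                     // assumed client registration
        options.ClientSecret = "secret";              // assumed; keep real secrets out of source
        options.ResponseType = "code";                // authorization code flow
        options.Scope.Add("api1");                    // assumed API scope
        options.SaveTokens = true;                    // keep the tokens in the session's auth properties
    });

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapRazorPages().RequireAuthorization();

// Reports token metadata only; the token value itself is never sent to the browser.
app.MapGet("/token-info", async (HttpContext ctx) =>
{
    var accessToken = await ctx.GetTokenAsync("access_token");
    var expiresAt = await ctx.GetTokenAsync("expires_at");
    return Results.Ok(new { hasAccessToken = accessToken is not null, expiresAt });
}).RequireAuthorization();

app.Run();
```

The authentication cookie is an ASP.NET Core Data Protection payload, so base64-decoding it does not yield a token. Server-side code reads the saved tokens with `GetTokenAsync` and attaches the access token to outgoing API calls.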

RolandGuijt commented 4 weeks ago

@PrabuLK Did things work out for you? Would you like to add to this issue? If not I'd like to close it.

RolandGuijt commented 3 weeks ago

Closing this but feel free to reopen and add something if needed.