DuendeSoftware / Support

Support for Duende Software products
21 stars 0 forks source link

CORS post on /connect/token results in a 502 #1359

Closed bernddg closed 3 months ago

bernddg commented 4 months ago

Which version of Duende IdentityServer are you using? Duende V7.0.5 Which version of .NET are you using? .net 8 Describe the bug

I use the OAuth authorisation button from a swagger to get a token, but get a 502 after a while This works fine with Duende V6, without having to configure the DefaultCorsPolicyService

So i decided to configure it.

Code from the startup

services.AddSingleton((container) => { var logger = container.GetRequiredService<ILogger>(); var authority = $"{Configuration["Authority"]}";

  return new DefaultCorsPolicyService(logger)
  {
      AllowedOrigins = {authority, authority.Replace("/ebloxhr", "")}
  };

});

--> AllowedOrigins should contain "https://myworkandme.com.acc.sd.dika.be"

The trace is very minimal as you can see.

Expected behavior

Post to /connect/token should work with the given CORS policy in place

Log output/exception with stacktrace

2024-08-02 12:39:02,016 INFO  [(null)??] - Microsoft.AspNetCore.Hosting.Diagnostics - Request starting HTTP/1.1 POST http://myworkandme.com.acc.sd.dika.be/ebloxhr/elearningplatform/connect/token - application/x-www-form-urlencoded 159
2024-08-02 12:39:02,017 DEBUG [(null)??] - Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware - POST requests are not supported
2024-08-02 12:39:02,018 DEBUG [(null)??] - Microsoft.AspNetCore.Routing.Matching.DfaMatcher - No candidates found for the request path '/connect/token'
2024-08-02 12:39:02,019 DEBUG [(null)??] - Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware - Request did not match any endpoints
**2024-08-02 12:39:02,024 DEBUG [(null)??] - Duende.IdentityServer.Hosting.CorsPolicyProvider - CORS request made for path: /connect/token from origin: https://myworkandme.com.acc.sd.dika.be
2024-08-02 12:39:33,553 DEBUG [(null)??] - Microsoft.AspNetCore.Server.IIS.Core.IISHttpServer - Connection ID "17509995361417109611" disconnecting.

Additional context

Add any other context about the problem here.

bernddg commented 3 months ago

Removed an old DI for DefaultCorsPolicyService