Closed ECD10 closed 1 year ago
A few points:
A sample app you can use for further reference can be found in this repo: https://github.com/martincostello/SignInWithAppleSample
A few points:
- It is not safe to store the p8 file in wwwroot as then it can be downloaded to the browser, leaking your private key. It should be stored in the same folder in the app as your compiled binaries (or even better, externally in a technology such as Azure Key Vault).
- If storing the key on disk with the app, ensure you include it in the published website artefact.
- Turning up logging should give you clues as to what the error is.
- .NET Core 3.1 is out of support since December 2022 and no longer receives security patches. You should update to at least .NET 6.
A sample app you can use for further reference can be found in this repo: https://github.com/martincostello/SignInWithAppleSample
warn: Microsoft.AspNetCore.DataProtection.Repositories.EphemeralXmlRepository[50] Using an in-memory repository. Keys will not be persisted to storage. warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[59] Neither user profile nor HKLM registry available. Using an ephemeral key repository. Protected data will be unavailable when application exits. warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[35] No XML encryptor configured. Key {27c4441a-c32b-4565-937f-f1eadba51faa} may be persisted to storage in unencrypted form. info: Microsoft.Hosting.Lifetime[0] Application started. Press Ctrl+C to shut down. info: Microsoft.Hosting.Lifetime[0] Hosting environment: Production info: Microsoft.Hosting.Lifetime[0] Content root path: C:\Inetpub\vhosts\encada.com.tr\mobileauth.encada.com.tr info: AspNet.Security.OAuth.Apple.AppleAuthenticationHandler[7] Apple was not authenticated. Failure message: Not authenticated info: AspNet.Security.OAuth.Apple.AppleAuthenticationHandler[12] AuthenticationScheme: Apple was challenged. fail: AspNet.Security.OAuth.Apple.Internal.DefaultAppleClientSecretGenerator[1] Failed to generate new client secret for the Apple authentication scheme. Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The system cannot find the file specified. at System.Security.Cryptography.CngKeyLite.ImportKeyBlob(String blobType, ReadOnlySpan
1 keyBlob, Boolean encrypted, ReadOnlySpan1 password) at System.Security.Cryptography.CngPkcs8.ImportPkcs8(ReadOnlySpan
1 keyBlob)
at System.Security.Cryptography.CngPkcs8.ImportPkcs8PrivateKey(ReadOnlySpan1 source, Int32& bytesRead) at System.Security.Cryptography.ECDsaImplementation.ECDsaCng.ImportPkcs8PrivateKey(ReadOnlySpan
1 source, Int32& bytesRead)
at Internal.Cryptography.PemKeyImportHelpers.ImportPem(ReadOnlySpan1 input, FindImportActionFunc callback) at System.Security.Cryptography.ECDsa.ImportFromPem(ReadOnlySpan
1 input)
at AspNet.Security.OAuth.Apple.Internal.DefaultAppleClientSecretGenerator.CreateAlgorithm(ReadOnlyMemory1 pem) at AspNet.Security.OAuth.Apple.Internal.DefaultAppleClientSecretGenerator.GenerateNewSecretAsync(AppleGenerateClientSecretContext context) at AspNet.Security.OAuth.Apple.Internal.DefaultAppleClientSecretGenerator.<>c__DisplayClass5_0.<<GenerateAsync>b__0>d.MoveNext() info: AspNet.Security.OAuth.Apple.AppleAuthenticationHandler[4] Error from RemoteAuthentication: The system cannot find the file specified.. fail: Microsoft.AspNetCore.Server.IIS.Core.IISHttpServer[2] Connection ID "17509995417251614254", Request ID "80000e2f-000f-f300-b63f-84710c7967bb": An unhandled exception was thrown by the application. System.Exception: An error was encountered while handling the remote login. ---> Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The system cannot find the file specified. at System.Security.Cryptography.CngKeyLite.ImportKeyBlob(String blobType, ReadOnlySpan
1 keyBlob, Boolean encrypted, ReadOnlySpan1 password) at System.Security.Cryptography.CngPkcs8.ImportPkcs8(ReadOnlySpan
1 keyBlob)
at System.Security.Cryptography.CngPkcs8.ImportPkcs8PrivateKey(ReadOnlySpan1 source, Int32& bytesRead) at System.Security.Cryptography.ECDsaImplementation.ECDsaCng.ImportPkcs8PrivateKey(ReadOnlySpan
1 source, Int32& bytesRead)
at Internal.Cryptography.PemKeyImportHelpers.ImportPem(ReadOnlySpan1 input, FindImportActionFunc callback) at System.Security.Cryptography.ECDsa.ImportFromPem(ReadOnlySpan
1 input)
at AspNet.Security.OAuth.Apple.Internal.DefaultAppleClientSecretGenerator.CreateAlgorithm(ReadOnlyMemory1 pem) at AspNet.Security.OAuth.Apple.Internal.DefaultAppleClientSecretGenerator.GenerateNewSecretAsync(AppleGenerateClientSecretContext context) at AspNet.Security.OAuth.Apple.Internal.DefaultAppleClientSecretGenerator.<>c__DisplayC
Based on this error:
Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The system cannot find the file specified.
You likely need to do this:
https://github.com/martincostello/SignInWithAppleSample#azure-app-service-deployment
Based on this error:
Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The system cannot find the file specified.
You likely need to do this:
https://github.com/martincostello/SignInWithAppleSample#azure-app-service-deployment
Thanks for your help.
I am using shared hosting and cannot enable load user profile. What can I do in this situation?
There's nothing you can do on the shared hosting tier - this is a limitation of Azure App Service and Windows.
Either you need to move to a higher tier with the feature you need or switch to Linux.
Additional information
I develop an app using Maui. I am using Web Authenticator. Google login works perfectly. But apple login not works. Redirects to blank page after apple login. I upload p8 file to project folder. I don't know what the problem is. Can anyone help me?
.net version 3.1 return url: domain.com/signin-apple
My Startup.cs