search

aspnet / AspNetKatana

Microsoft's OWIN implementation, the Katana project
Apache License 2.0
963 stars 332 forks source link

Getting infinite loop when trying to authenticate against Oracle Identity Cloud Service #408

Closed RaduAlexe closed 3 years ago

RaduAlexe commented 3 years ago

Hi, I’m trying to authenticate against the Oracle Identity Cloud Service.

Currently using version 4.0.1 (also tried with version 4.1.1) but getting the same behavior.

The AuthenticateCoreAsync method is called correctly but the AuthenticationProperties object is null thus getting the "The state field is missing or invalid." Error and begging redirected to the login page.

Parsing the GetPropertiesFromState method I’ve noticed that the “status” value present in the Form object has not been URL Decoded (which is the case when authenticating against Azure AD for example.). If I intercept the value from the Form array and URL decoded it and then update the value, the logic works correctly.

Any help with this would be appreciated or if anybody was already able to authenticate using the Oracle solution.

Tratcher commented 3 years ago

See https://github.com/aspnet/AspNetKatana/issues/288

RaduAlexe commented 3 years ago

Thank you @Tratcher