route /signin-oidc produces 404 when running production build in iis

[WalterEbbers]

Hi, i recently build a project that uses the plugin to connect to our identityserver. When using 'au run --watch' and navigating to the app with http://localhost:9000 everything works fine. But when i create a production build and place it within a IIS folder to test it there, the redirection from identityserver back to the app fails with a HTTP Error 404.0 - Not Found. I tried the provided samples but the result is the same. IIS tries to resolve the following url: http://pcname/prod/client/signin-oidc#id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjU2NTg3MTViNzY2NzYyYTA5OWJjZGM1Y2M3YTMzNDM2IiwidHlwIjoiSldUIn0.eyJuYmYiOjE1NjgyOTQyMjksImV4cCI6MTU2ODI5NDUyOSwiaXNzIjoiaHR0cHM6Ly9kZW1vLmlkZW50aXR5c2VydmVyLmlvIiwiYXVkIjoiaW1wbGljaXQiLCJub25jZSI6IjhkNjcwMjg4ZDRkOTQxYTM5NzBmMWYxMTRhMjc0MzFiIiwiaWF0IjoxNTY4Mjk0MjI5LCJzaWQiOiIyYjZkMTI1MmFhODAwM2I1Njg2YWVkNGY0YTY1Y2RkYyIsInN1YiI6IjExIiwiYXV0aF90aW1lIjoxNTY4MjkzNzIzLCJpZHAiOiJsb2NhbCIsIm5hbWUiOiJCb2IgU21pdGgiLCJnaXZlbl9uYW1lIjoiQm9iIiwiZmFtaWx5X25hbWUiOiJTbWl0aCIsImVtYWlsIjoiQm9iU21pdGhAZW1haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsIndlYnNpdGUiOiJodHRwOi8vYm9iLmNvbSIsImFtciI6WyJwd2QiXX0.iU1X4nh6xovF2pFTwP08atAT1G0JwZXDfmj0O_3U60e38fO4sNnY4zDDZ0SUDp40j9B0QOmDq6cZHudtlLr56TaQg8AxiqkpeT3ah-L6ZcKmmxBryPPUOmCJedHUJBGrdMJivjMUTS2uYSuRxHwiObsTA2oe8uG18v7zg-r5MvUM-Ua7LDQeCll4QkbX6XGU-42x3DoDeNEF5rs7WIoGARqxWimkhJyShtKlHGJYFd6nWzawmJwkOGyhzwd3r3_LJbgrVAzFesrf93EH2wGtN2LzfWTRQfp6L7aO5VYzx_SmQa0zuQpKXxYHVo7XACyJLynpUB-cY0763mxdhJSYqQ&scope=openid%20email%20profile&state=7b34342c7d3849c481448bb09dfa5a9f&session_state=k_k_03A6a3UDZkaIwTpgfHd29xM-8EYSSjyjC4u1p54.b3be8e29db5e46b1320e0140bce22933

In the aurelia-app sample when publishing and opening i got a white page at first, but after i disabled the pushsstate within routerconfig i got to see the sample and tried to login. The above issue occured.

if i have config.options.pushState = true; i'm not being redirected to the login page, but when i comment it(//config.options.pushState = true;) i do get redirected.

The app is being run for example from this location: http://pcn-walter/profilename/product/client/

i tried url rewrite as found in another topic, but that did not help as the problem stayed. @shaunluttin or anyone else is this a known issue, and if so, is there a solution available?

Kind regards,

Walter

[WalterEbbers]

So after someone on gitter suggested to install url rewrite and helped me figure out the appropiate web.config i managed to get the redirection to work.
I really hope some other fix will be made but for now this 'temp' fix will do. the blogpost that helped me: https://weblog.west-wind.com/posts/2017/Apr/27/IIS-and-ASPNET-Core-Rewrite-Rules-for-Static-Files-and-Html-5-Routing

[arnederuwe]

IIS URL rewriting is a perfectly valid way to handle this, it avoids that your initial request must pass through the .NET Core pipeline and is therefore probably the most performant way to handle this.

If you want to avoid configuring pushstate through IIS, the following code in your .NET Core startup.cs should suffice:

 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            app.Use(async (context, next) =>
            {
                await next();

                if (context.Response.StatusCode == 404
                    && !Path.HasExtension(context.Request.Path.Value))
                {
                    context.Request.Path = "/index.html";
                    await next();
                }
            });

            app.UseStaticFiles();
        }

This basically routes everything .NET Core can't find to your index.html file, so your local routing kicks in.

[WalterEbbers]

Thank you! So thanks to your answer i am wondering something. If i were to use the index.html as my aurelia redirect url for my identityserver clients(instead of http:nameofserver/client/signinoidc)., would that also help? Thinking about testing that this week.

[arnederuwe]

It wouldn't work, when you configure this plugin on the router, the signin-oidc path is added as a valid route, when identityserver redirects to this url, the plugin code coupled to this route executes and logs the user in, using the information in the singin-oidc url fragments. So if you would just redirect to your app root, this code would never execute, and you user would never be logged in

[WalterEbbers]

whoops forgot about that. thnx for the dotnet core solution. Will look into that. Thnx!

[arnederuwe]

I'm closing this, because I think you got the info you needed, feel free to reopen if you have additional questions!