search

brockallen / BrockAllen.MembershipReboot

MembershipReboot is a user identity management and authentication library.
Other
742 stars 238 forks source link

IdentityServer3 Membership Reboot SelfHost #599

Closed NigeB closed 8 years ago

NigeB commented 8 years ago

Hi Brock.

I've been hosting IdentityServer3 and MR with two factor in a console app using Owin.SelfHost nicely for a while, but it has suddenly stopped working.

The problem is when I enable two factor - I call userAccountService.Authenticate() and MR goes off to MembershipReboot.WebHost.AspNetCookieBasedTwoFactorAuthPolicy.GetCookie() to get the cookie but fails because HttpContext.Current is null.

Tracing it through, HttpContext.Current is null all the way through the code. I kind of get this, as I thought this was normal for Owin based applications, but you use it in GetCookie(), so that can't be the case. AND it worked until a couple of days ago(!)

I don't know what I changed, but to save my sanity, I created a brand new project, installed the Owin.Selfhost package, IdentityServer3, and MR, and it all works except when I want to use two factor and HttpContext.Current is null.

It all works fine hosted on IIS, of course, but I really rely on the self hosted app for dev.

I've exhausted all other options - I can't see anything on the issues about this. Have I forgotten something crucial?

Thanks Brock.

ps. I'm using the latest packages - see here:

    <packages>
    <package id="AutoMapper" version="4.1.1" targetFramework="net45" />
    <package id="BrockAllen.MembershipReboot" version="8.4.0" targetFramework="net45" />
    <package id="BrockAllen.MembershipReboot.Ef" version="8.0.0" targetFramework="net45" />
    <package id="BrockAllen.MembershipReboot.Owin" version="7.1.1" targetFramework="net451" />
    <package id="BrockAllen.MembershipReboot.WebHost" version="7.1.0" targetFramework="net451" />
    <package id="EntityFramework" version="6.1.3" targetFramework="net45" />
    <package id="IdentityModel" version="1.0.0" targetFramework="net45" />
    <package id="IdentityServer3" version="2.2.3" targetFramework="net45" />
    <package id="IdentityServer3.EntityFramework" version="2.2.0" targetFramework="net45" />
    <package id="IdentityServer3.MembershipReboot" version="2.0.0" targetFramework="net45" />
    <package id="log4net" version="2.0.5" targetFramework="net45" />
    <package id="Microsoft.Owin" version="3.0.1" targetFramework="net45" />
    <package id="Microsoft.Owin.Diagnostics" version="3.0.1" targetFramework="net451" />
    <package id="Microsoft.Owin.Host.HttpListener" version="3.0.1" targetFramework="net451" />
    <package id="Microsoft.Owin.Hosting" version="3.0.1" targetFramework="net451" />
    <package id="Microsoft.Owin.Security" version="3.0.1" targetFramework="net451" />
    <package id="Microsoft.Owin.Security.Cookies" version="3.0.1" targetFramework="net451" />
    <package id="Microsoft.Owin.SelfHost" version="3.0.1" targetFramework="net451" />
    <package id="Newtonsoft.Json" version="7.0.1" targetFramework="net45" />
    <package id="Owin" version="1.0" targetFramework="net45" />
    </packages>
brockallen commented 8 years ago

Self-hosted? Well, depends what libraries you were using. There's a SystemWeb for IIS hosting, and an Owin for Katana hosting.

NigeB commented 8 years ago

Yep. I use SystemWeb for hosting on the iis server, but Owin for running it in a console window on my local machine. That should work, right?

brockallen commented 8 years ago

Well, if that's the case then I don't think you should see any code trying to access HttpContext.Current in the OWIN hosted scenario.