davidjrh / dnn.azureadprovider

The DNN Azure Active Directory Provider is an Authentication provider for DNN Platform (formerly DotNetNuke) that uses Azure Active Directory OAuth2 authentication to authenticate users.
MIT License

This might be stupid... but I need to ask because I'm racking my brain - Error processing credentials #11

Open mogadorealumni opened 6 years ago

mogadorealumni commented 6 years ago

AbsoluteURL:/Default.aspx
DefaultDataProvider:DotNetNuke.Data.SqlDataProvider, DotNetNuke
ExceptionGUID:3be21ae4-2792-423b-ab8d-8f12c4e17973
AssemblyVersion:9.1.0
PortalId:0
UserId:-1
TabId:20
RawUrl:/Login?code=AQABAAIAAABHh4kmS_aKT5XrjzxRAtHzeJ8qSXMFfaW-akK3ARO0RGCbFsWoXdljevMDfRp9yWneSQb_oXP24_vfNSYUDNrFh-o09ILH1znhPhnRs3qlz4aNlr53YEp88E39gLwKKE7fOTWq1NFU9HECb7IoVTYuLOBte2h6UsbUlWX7FCYpGD1Cq7KXms03wnDj8q3OUbDNaat0NVCqwY_J77LgKPKjshjN6vh7ZKzC9g89I9VCO4ai
Referrer:http://msaf.azurewebsites.net/Login?returnurl=%2fDefault.aspx%3ftabid%3d20%26error%3dAn%2520unexpected%2520error%2520has%2520occurred
UserAgent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299
ExceptionHash:krzLKsOKjfdgw1YJ8JwM/1nRH68=
Message:There was an error processing the credentials. Contact your system administrator.
StackTrace:

InnerMessage:There was an error processing the credentials. Contact your system administrator.
InnerStackTrace:
   at DotNetNuke.Authentication.Azure.Components.AzureClient.GetToken(String responseText)
   at DotNetNuke.Services.Authentication.OAuth.OAuthClientBase.ExchangeCodeForToken()
   at DotNetNuke.Services.Authentication.OAuth.OAuthClientBase.AuthorizeV2()
   at DotNetNuke.Services.Authentication.OAuth.OAuthClientBase.Authorize()
   at DotNetNuke.Services.Authentication.OAuth.OAuthLoginBase.OnLoad(EventArgs e)
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

Source:
FileName:
FileLineNumber:0
FileColumnNumber:0
Method:
Server Name: RD0003FF6487C1

I keep getting this error when I attempt to login to my site from Azure AD. However, I believe there to be an issue with syncing users over from Azure AD to my site. Does this app do it automatically or do I have to manually create all my users in my site and what settings do I need to do to tie each user to its Azure AD account?
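An added example, not part of the original thread or of the provider's code: entries like the one posted above carry the OAuth2 authorization code in RawUrl, so this Python parser splits a flattened entry into its fields and masks token-bearing query parameters before the entry is shared. The field names are taken from the entries in this thread; the list of sensitive parameter names and the sample entry are assumptions constructed for the example.

```python
import re

# Field names as they appear in the log entries posted in this thread.
FIELDS = ("AbsoluteURL", "DefaultDataProvider", "ExceptionGUID",
          "AssemblyVersion", "PortalId", "UserId", "TabId", "RawUrl",
          "Referrer", "UserAgent", "ExceptionHash", "Message", "StackTrace",
          "InnerMessage", "InnerStackTrace")
# A key only counts at the start of the entry or after whitespace, so
# "Message:" is not matched inside "InnerMessage:".
_FIELD_RE = re.compile(r"(?:^|\s)(" + "|".join(FIELDS) + r"):")
# Query parameters that carry OAuth2 secrets (assumed list, extend as needed).
_SECRET_RE = re.compile(
    r"([?&](?:code|access_token|id_token|refresh_token|client_secret)=)[^&#\s]+",
    re.IGNORECASE)

def parse_entry(text):
    """Split a flattened 'Key:value Key:value ...' entry into a dict."""
    marks = [(m.start(1), m.end(), m.group(1)) for m in _FIELD_RE.finditer(text)]
    entry = {}
    for i, (_, value_start, key) in enumerate(marks):
        value_end = marks[i + 1][0] if i + 1 < len(marks) else len(text)
        entry.setdefault(key, text[value_start:value_end].strip())
    return entry

def sanitize(text):
    """Parse an entry and mask secrets in its URL fields."""
    entry = parse_entry(text)
    for key in ("RawUrl", "Referrer"):
        if key in entry:
            # Percent-encoded URLs nested inside a parameter are not unwrapped.
            entry[key] = _SECRET_RE.sub(r"\1REDACTED", entry[key])
    return entry

# Constructed sample in the same layout as the entries above.
SAMPLE = ("AbsoluteURL:/Default.aspx AssemblyVersion:9.1.0 PortalId:0 UserId:-1 "
          "RawUrl:/Login?state=Azure&code=CONSTRUCTED-CODE-123 "
          "Referrer:https://idp.example/authorize?client_id=abc&response_type=code "
          "Message:There was an error processing the credentials. "
          "InnerMessage:There was an error processing the credentials. "
          "InnerStackTrace: at Example.Client.GetToken(String responseText)")

if __name__ == "__main__":
    for key, value in sanitize(SAMPLE).items():
        print(f"{key}: {value}")
```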

davidjrh commented 6 years ago

The Azure AD provider automatically registers the user after being authorized by Azure AD (note that the user registration settings can still be "Verified", "Public", "Private" or "None", so you need to change that as needed on "Settings > Security > Member Accounts > Registration Settings > User Registration").

But I would bet by the error message, that when you copied the app credential from Azure (App ID and Secret), you copied a blank space from the browser that is causing the authentication issue. Did you ever resolve it?

ohine commented 5 years ago

I'm getting the same issue when trying to use the provider. I verified no spaces are in my settings.

After attempting a login, I get the same error logged. When going back into the provider settings, it's disabled and the app id and secret are blank.

Any more ideas @davidjrh?

kanagavallapparaj commented 5 years ago

Hi davidjrh, I am also facing the same issues, after login default.aspx throwing the below error.

AbsoluteURL:/Default.aspx
DefaultDataProvider:DotNetNuke.Data.SqlDataProvider, DotNetNuke
ExceptionGUID:02021ce3-3171-4609-9f85-a235f1f04c28
AssemblyVersion:9.2.2
PortalId:0
UserId:-1
TabId:20
RawUrl:/Login?state=Azure&code=eyJraWQiOiJjcGltY29yZV8wOTI1MjAxNSIsInZlciI6IjEuMCIsInppcCI6IkRlZmxhdGUiLCJzZXIiOiIxLjAifQ..Bh-1XPOuRqSTvexH.Mph5WlrXH_huGgtPmoKp2QHBGZL7LcopJh2jhio0BEfuPrTW4DPmbn7jcKMPwrBYaxWPuVlSODM-jpQngj3MgMtnaTwy9ORGee0CsKWOuExh2YeRzY7tID-DXuI
Referrer:https://login.live.com/oauth20_authorize.srf?client_id=41ebd7a8-1ba7-4806-a23a-669272522507&redirect_uri=https%3a%2f%2fnivant.b2clogin.com%2fnivant.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=
UserAgent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134
ExceptionHash:dMmuhHoJZIXehMPF5xZejmDiBRY=
Message:There was an error processing the credentials. Contact your system administrator.
StackTrace:

InnerMessage:There was an error processing the credentials. Contact your system administrator.
InnerStackTrace:
   at DotNetNuke.Authentication.Azure.Components.AzureClient.GetToken(String responseText)
   at DotNetNuke.Services.Authentication.OAuth.OAuthClientBase.ExchangeCodeForToken()
   at DotNetNuke.Services.Authentication.OAuth.OAuthClientBase.AuthorizeV2()
   at DotNetNuke.Services.Authentication.OAuth.OAuthLoginBase.OnLoad(EventArgs e)
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Control.LoadRecursive()
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

Source:
FileName:
FileLineNumber:0
FileColumnNumber:0
Method:
Server Name: DESKTOP-5TN92T7

davidjrh commented 5 years ago

Hi, I believe that @ohine's and @kanagavallapparaj's issues are the same one that I fixed some days back with the 3.1 release (see issue https://github.com/davidjrh/dnn.azureadprovider/issues/17).

Can you check with the new 3.1 release?

davidjrh commented 4 years ago

Closing as old issue and probably solved on #17

MarkJaroski commented 4 years ago

Hi @davidjrh, sorry to reopen this, but we've installed the 3.1 release on DNN 09.04.05.

I can see that it uses the auth code grant. The first GET to Microsoft works, and DNN receives the GET coming back after AuthN. I can see traffic go out to verify the token, but it's encrypted of course.

Are there any debugging tricks that I can use to see what's going wrong in the token validation step?

For what it's worth this is a WHO website, and is directly involved in the Covid-19 response, so if you can help it would be a really good thing.

davidjrh commented 4 years ago

Can you check for more information in the log4net files? When an error happens during the code exchange, a log entry is written to the /Portals/_default/Logs/LogYYYY-MM-DD.resources file.

MarkJaroski commented 4 years ago

Checking now

MarkJaroski commented 4 years ago

Thank you @davidjrh, I see the issue, and it's a problem with our hosting environment.

MarkJaroski commented 4 years ago

@davidjrh Just one more question: is there any way to get the extension to use a different base URL than the canonical server one? We're behind a reverse proxy, and there's been a lot of work put into rewrite rules to switch the server names around.

davidjrh commented 4 years ago

On the new v4.0 (preview) there is a new setting where you can specify a single ReturnUrl after a successful login that could potentially work in your scenario, but I'm worried about going into production with the new version yet. I would recommend testing it in a staging scenario first.

MarkJaroski commented 4 years ago

Thank you!