dotnetify_react_template XmlException Root element is missing (500 error)

[fastrocket]

I started seeing the following error and get a 500 error when trying to sign in. I tried cloning this project from scratch and still see this error when trying to sign in.

It's strange because I had no issues signing in last week, and I didn't make any changes. I tried re-trusting the https cert with "dotnet dev-certs https --trust", but that didn't fix it.

As I'm new to OpenIdConnect and React in general (and since Google doesn't help), any clues?

info: AspNet.Security.OpenIdConnect.Server.OpenIdConnectServerHandler[0] The token request was successfully validated. fail: Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider[48] An error occurred while reading the key ring. System.Xml.XmlException: Root element is missing. at System.Xml.XmlTextReaderImpl.Throw(Exception e) at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlTextReaderImpl.Read() at System.Xml.XmlReader.MoveToContent() at System.Xml.Linq.XElement.Load(XmlReader reader, LoadOptions options) at System.Xml.Linq.XElement.Load(Stream stream, LoadOptions options) at System.Xml.Linq.XElement.Load(Stream stream) at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.ReadElementFromFile(String fullPath) at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.GetAllElementsCore()+MoveNext() at System.Collections.Generic.List1.AddEnumerable(IEnumerable1 enumerable) at System.Linq.Enumerable.ToList[TSource](IEnumerable1 source) at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.GetAllElements() at Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager.GetAllKeys() at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.CreateCacheableKeyRingCore(DateTimeOffset now, IKey keyJustAdded) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.Microsoft.AspNetCore.DataProtection.KeyManagement.Internal.ICacheableKeyRingProvider.GetCacheableKeyRing(DateTimeOffset now) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.GetCurrentKeyRingCore(DateTime utcNow) fail: Microsoft.AspNetCore.Server.Kestrel[13] Connection id "0HLI3BG6QC8RQ", Request id "0HLI3BG6QC8RQ:00000004": An unhandled exception was thrown by the application. System.Security.Cryptography.CryptographicException: An error occurred while trying to encrypt the provided data. Refer to the inner exception for more information. ---> System.Xml.XmlException: Root element is missing. at System.Xml.XmlTextReaderImpl.Throw(Exception e) at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlTextReaderImpl.Read() at System.Xml.XmlReader.MoveToContent() at System.Xml.Linq.XElement.Load(XmlReader reader, LoadOptions options) at System.Xml.Linq.XElement.Load(Stream stream, LoadOptions options) at System.Xml.Linq.XElement.Load(Stream stream) at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.ReadElementFromFile(String fullPath) at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.GetAllElementsCore()+MoveNext() at System.Collections.Generic.List1.AddEnumerable(IEnumerable1 enumerable) at System.Linq.Enumerable.ToList[TSource](IEnumerable1 source) at Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository.GetAllElements() at Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager.GetAllKeys() at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.CreateCacheableKeyRingCore(DateTimeOffset now, IKey keyJustAdded) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.Microsoft.AspNetCore.DataProtection.KeyManagement.Internal.ICacheableKeyRingProvider.GetCacheableKeyRing(DateTimeOffset now) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.GetCurrentKeyRingCore(DateTime utcNow) at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.GetCurrentKeyRing() at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(Byte[] plaintext) --- End of inner exception stack trace --- at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(Byte[] plaintext) at Microsoft.AspNetCore.Authentication.SecureDataFormat1.Protect(TData data, String purpose) at Microsoft.AspNetCore.Authentication.SecureDataFormat1.Protect(TData data) at AspNet.Security.OpenIdConnect.Server.OpenIdConnectServerHandler.SerializeRefreshTokenAsync(ClaimsPrincipal principal, AuthenticationProperties properties, OpenIdConnectRequest request, OpenIdConnectResponse response) at AspNet.Security.OpenIdConnect.Server.OpenIdConnectServerHandler.SignInAsync(AuthenticationTicket ticket) at AspNet.Security.OpenIdConnect.Server.OpenIdConnectServerHandler.InvokeTokenEndpointAsync() at AspNet.Security.OpenIdConnect.Server.OpenIdConnectServerHandler.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application) info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2] Request finished in 121.1974ms 500

[dsuryd]

I couldn't reproduce this issue, and I tried both the github repo and the published dot net template. Can you try install the latest published template (v2.1.0) and create a new project:

dotnet new -i dotnetify.react.template
dotnet new dotnetify -o MyNewApp

[fastrocket]

Just tried using the two steps you provided and I see the same error. Our network admin updated all our Windows 10 dev boxes this weekend with security updates, so maybe that has something to do with it? I'm going to experiment with a Window 10 VM as well as my home box, and will update this ticket later. Thanks for the fast reply!

[fastrocket]

So our network admin installed the Windows 10 1803 update which may have caused this problem.

I experimented with DataProtection configuration and was able to fix this problem by adding this to Startup.cs's ConfigureServices:

services.AddDataProtection().PersistKeysToFileSystem(new DirectoryInfo(@"./"));

This saves the key-*.xml file to the app's directory (consider security before using this in production).

No errors when signing in now. Hopefully this helps someone else if they run into the same problem.

Feel free to close!