search

jbreuer / Umbraco-OpenIdConnect-Example

An example to show how Umbraco and OpenIdConnect work together
MIT License
32 stars 9 forks source link

/signin-oidc - OpenIdConnectAuthenticationHandler: message.State is null or empty. #6

Open chrisbrasington opened 1 year ago

chrisbrasington commented 1 year ago

Hey first off this code sample is fantastic, definitely gets me up and running.

I noticed an oddity - when I tried to implement an OpenIdConnect provider (before reading umbraco documentation and using member auto-linking), I hit a snag where my AuthenticationMiddleware and the default callback path of /signin-oidc error.

I noticed this project also exhibits the same error where navigation to /signin-oidc has an exception reproudicble by just running this project.

Do you know more about why this may be or an adjustment that can be made during AddOpenIdConnect? Using IUmbracoBuilder.AddMemberExternalLogins was just slightly different enough from a non-umbraco sample I had working, so this threw me off for some time until I found this project.

Exception: OpenIdConnectAuthenticationHandler: message.State is null or empty.

Unknown location Exception: An error was encountered while handling the remote login.

Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler.HandleRequestAsync()

Exception: An error was encountered while handling the remote login.

Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler<TOptions>.HandleRequestAsync()
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
StackExchange.Profiling.MiniProfilerMiddleware.Invoke(HttpContext context) in MiniProfilerMiddleware.cs
Umbraco.Cms.Web.Common.Middleware.UmbracoRequestMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
Umbraco.Cms.Web.Common.Middleware.UmbracoRequestMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
Microsoft.AspNetCore.Builder.UseMiddlewareExtensions+<>c__DisplayClass6_1+<<UseMiddlewareInterface>b__1>d.MoveNext()
Umbraco.Cms.Web.Common.Middleware.PreviewAuthenticationMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
Microsoft.AspNetCore.Builder.UseMiddlewareExtensions+<>c__DisplayClass6_1+<<UseMiddlewareInterface>b__1>d.MoveNext()
Umbraco.Cms.Web.Common.Middleware.UmbracoRequestLoggingMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
Microsoft.AspNetCore.Builder.UseMiddlewareExtensions+<>c__DisplayClass6_1+<<UseMiddlewareInterface>b__1>d.MoveNext()
SixLabors.ImageSharp.Web.Middleware.ImageSharpMiddleware.Invoke(HttpContext httpContext, bool retry)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)
chrisbrasington commented 1 year ago

image

alispire commented 2 months ago

Hi,

I think adding options.UseSecurityTokenValidator = true; have solved the issue for me.

logins.AddMemberLogin(
    memberAuthenticationBuilder =>
    {
        memberAuthenticationBuilder.AddOpenIdConnect(
            // The scheme must be set with this method to work for the umbraco members
            memberAuthenticationBuilder.SchemeForMembers(OpenIdConnectMemberExternalLoginProviderOptions.SchemeName),
            options =>
            {
                // START To fix error when going to /signin.oidc - see https://stackoverflow.com/questions/72922593/asp-net-core-openidconnect-message-state-is-null-or-empty
                //options.SkipUnrecognizedRequests = true;
                options.UseSecurityTokenValidator = true;
                // END

                var config = builder.Config;