search

okta / okta-sdk-dotnet

A .NET SDK for interacting with the Okta management API, enabling server-side code to manage Okta users, groups, applications, and more.
Other
160 stars 100 forks source link

Can't use okta.sdk together with okta.aspnetcore on a .net 6 aspnetcore project #585

Closed fabiansanchez18 closed 2 years ago

fabiansanchez18 commented 2 years ago

Describe the bug?

I am trying to deploy Blazor Webassembly hosted on a asp.netcore server. I managed to implement the oidc authentication between the blazor client and the asp.net core server. The API authenticates correctly and redirect to login when not and so on. But when I install okta.sdk, the server starts to respond 401 responses. I have okta.sdk and okta.auth.sdk on another azure function server, using direct login and managin sessions whitout troubles, to support a mobile app.

What is expected to happen?

Expectedget authenticated user id with
var principal = HttpContext.User.Identity as ClaimsIdentity; as the documentation says, and then use it to get the user from okta.sdk with: var user = await client.Users.GetUserAsync(username); where username is the login claim from the first part.

What is the actual behavior?

Actual behavior: when I install the okta.sdk package, the web api start sending 401 responses all the time, even does my user is logged in on Okta server On the navigator I get the following response:

General: t URL: https://localhost:7153/api/owner/OwnerId Request Method: GET Status Code: 401 Unauthorized Remote Address: [::1]:7153 Referrer Policy: strict-origin-when-cross-origin

Response Header: Content-Length: 0 Date: Fri, 09 Sep 2022 02:36:09 GMT Server: Kestrel WWW-Authenticate: Bearer error="invalid_token"

RequestHeader: Accept: / Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9,es;q=0.8 authorization: Bearer **------****--------*** Cache-Control: no-cache Connection: keep-alive Host: localhost:7153 Pragma: no-cache Referer: https://localhost:7153/id sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "macOS" Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Reproduction Steps?

-follow the ASP.NET Core redirect authentication sample app Okta-Hosted Login guides to configure okta with blazor.

1 - try protecting with [Authorize] the asp.net controllers. 2 - test authentication and see how it works. 3 - install okta.sdk package. 4 - try connecting to the endpoint from the application and see all the 401 responses.

Additional Information?

No response

.NET Version

Homes-MacBook-Pro-2:Server home$ dotnet --version 6.0.400

SDK Version

Latest 5.6.2

OS version

Homes-MacBook-Pro-2:Server home$ uname -a Darwin Homes-MacBook-Pro-2.local 20.6.0 Darwin Kernel Version 20.6.0: Tue Jun 21 20:50:28 PDT 2022; root:xnu-7195.141.32~1/RELEASE_X86_64 x86_64

bryanapellanes-okta commented 2 years ago

@fabiansanchez18 Thanks for reaching out and bringing this to our attention! I've added an internal issue for tracking; this will need to be prioritized against other work.

Internal Ref: OKTA-531294

laura-rodriguez commented 2 years ago

Hi @fabiansanchez18,

Can you please share a Fiddler log/HAR of the whole scenario that's failing? Is the authorization header properly set with the corresponding token when you hit the protected endpoint?

fabiansanchez18 commented 2 years ago

Hi @fabiansanchez18,

Can you please share a Fiddler log/HAR of the whole scenario that's failing? Is the authorization header properly set with the corresponding token when you hit the protected endpoint?

No problem. Where should I put it. I mean, How can I share it with you?

fabiansanchez18 commented 2 years ago

I Am authentication well only with okta.aspnetcore, but in the moment I install okta.sdk it stops and start sending 401 responses. I mean, I make no changes on Client, only install the package from nuget to the server, that already has okta.aspnetcore installed and working with the client, and everything changes.

fabiansanchez18 commented 2 years ago

I updated now to the latest version of okta.aspnetcore and I can't see anymore the problem. It is authenticating well now. Maybe wrong nuget cache package or something. I will implement now the functionalities from okta.sdk on my project to handle user profiles. Let's see if everything keeps well. Thank you for listening.

bryanapellanes-okta commented 2 years ago

I updated now to the latest version of okta.aspnetcore and I can't see anymore the problem. It is authenticating well now. Maybe wrong nuget cache package or something. I will implement now the functionalities from okta.sdk on my project to handle user profiles. Let's see if everything keeps well. Thank you for listening.

I'm glad your problem is resolved. Please feel free to open another issue if you need further assistance. Thanks for using Okta!