okta / samples-aspnet

https://github.com/okta/samples-aspnet
Apache License 2.0

Login issue with ASP.NET MVC app #73

Closed mohitlwcc closed 2 years ago

mohitlwcc commented 2 years ago

Hi,

I have integrated the Okta-hosted login method with my app. The issue I am facing is as follows:

1) It allows login only one time; after that I have to reset IIS services to get it to work again.
2) Once logged in successfully, if I log out of the application, keep the browser open, and try to log back in, it goes into an endless loop, and then I get "HTTP Error 400. The size of the request headers is too long." If I reset IIS, it works again for one time, and then the same problem occurs again.

Below are the settings in startup.cs as well as web config:

Startup.cs:

    public void Configuration(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions());

        app.UseOktaMvc(new OktaMvcOptions()
        {
            OktaDomain = ConfigurationManager.AppSettings["okta:OktaDomain"],
            ClientId = ConfigurationManager.AppSettings["okta:ClientId"],
            ClientSecret = ConfigurationManager.AppSettings["okta:ClientSecret"],
            AuthorizationServerId = ConfigurationManager.AppSettings["okta:AuthorizationServerId"],
            RedirectUri = ConfigurationManager.AppSettings["okta:RedirectUri"],
            PostLogoutRedirectUri = ConfigurationManager.AppSettings["okta:PostLogoutRedirectUri"],
            GetClaimsFromUserInfoEndpoint = true,
            Scope = new List<string> { "openid", "profile", "email" },
        });
    }

Web.config

<add key="okta:ClientId" value="SOMEID" />
<add key="okta:ClientSecret" value="SOMEKEY" />
<add key="okta:OktaDomain" value="URL" />
<add key="okta:AuthorizationServerId" value="default" />

<!-- 2. Update the Okta application with these values authorization-code/callback-->
<add key="okta:RedirectUri" value="http://localhost:49922/Signin/Interactive" />
<add key="okta:PostLogoutRedirectUri" value="http://localhost:49922/Account/PostLogout" />

bryanapellanes-okta commented 2 years ago

@mohitlwcc Thanks for reaching out! Please advise which sample you are working with.

We will need to investigate more deeply to reproduce the issue so we can provide a fix or workaround.

bryanapellanes-okta commented 2 years ago

@mohitlwcc I've opened an internal issue to investigate further; this will need to be prioritized with other work.

Internal Ref: OKTA-521223

mohitlwcc commented 2 years ago

@bryanapellanes-okta Thank you. Looking forward to the solution.

mohitlwcc commented 2 years ago

Resolved by adding the line of code below to the Global.asax.cs file:

    protected void Session_Start(object sender, EventArgs e)
    {
        // place holder to solve endless loop issue
    }
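
An added diagnostic, not part of the thread or the Okta sample: OWIN middleware that logs how large the Cookie header grows during a redirect loop like the one reported above, so the growth is visible before the request is rejected with the 400 "request headers is too long" error. The class and method names are hypothetical; the 16 KB header limit (HTTP.sys default) and the `OpenIdConnect.nonce.` cookie prefix (OWIN OpenID Connect middleware default) are assumptions about the environment.

```csharp
using System;
using System.Diagnostics;
using System.Linq;
using System.Text;
using Owin;

// Added diagnostic (hypothetical names), not code from the Okta sample.
// Register it first in Startup.Configuration: app.UseCookieGrowthLogging();
public static class CookieGrowthDiagnostics
{
    // Assumption: HTTP.sys default per-header limit (MaxFieldLength) of 16 KB.
    private const int HeaderLimitBytes = 16384;

    // Assumption: name prefix the OWIN OpenID Connect middleware gives nonce cookies.
    private const string NoncePrefix = "OpenIdConnect.nonce.";

    public static IAppBuilder UseCookieGrowthLogging(this IAppBuilder app)
    {
        return app.Use(async (context, next) =>
        {
            string cookieHeader = context.Request.Headers.Get("Cookie") ?? string.Empty;
            int headerBytes = Encoding.UTF8.GetByteCount(cookieHeader);

            // One nonce cookie per pending sign-in is normal; several on a single
            // request means challenges are being issued without ever completing.
            int nonceCount = context.Request.Cookies
                .Count(c => c.Key.StartsWith(NoncePrefix, StringComparison.Ordinal));

            // Log counts and sizes only, never cookie values.
            if (nonceCount > 1 || headerBytes > HeaderLimitBytes / 2)
            {
                Trace.TraceWarning(
                    "Cookie header {0} bytes ({1}% of limit), {2} nonce cookies, path {3}",
                    headerBytes,
                    headerBytes * 100 / HeaderLimitBytes,
                    nonceCount,
                    context.Request.Path);
            }

            await next();
        });
    }
}
```

Once the header exceeds the limit the request is rejected before it reaches the application, so the last warning logged shows the state just before the 400 appears.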