Open wlumetsberger opened 2 years ago
Issue is also during use in a standard IFrame:
@wlumetsberger, Thanks for reaching out to report this! To help us reproduce and investigate the issue further can you share a project/solution that reproduces the issue as you describe? I have added an item for internal tracking for further review.
@bryanapellanes-okta here is a link to the repo: https://github.com/wlumetsberger/okta-blazor-server-side-tests
If the Balzor-Seite is embedded in an IFrame (Microsoft Teams WebsiteTab) the Authentication ends up in a Loop. Teams uses also Federated Authentication with Okta. Using the Site Standalone the Authentication Works as aspect. AccountController is called -> Challange is Called -> Okta Login does appear OnTokenValidateEvent gets fired containing the authenticated Userprincipal in args.Identity AccountController is called -> HttpContext.User is authenticated
Using the same Site in a Team Websitetab the steps are the following: AccountController is called -> Challenge is Called -> no Okta Login appears (Token is already here) OnTokenValidateEvent gets fired containing the authenticated Userprincipal AccountController is called -> but now User is not authenticated! --> Loop
This is the Configuration used: