samples-blazor
https://github.com/okta/samples-blazor
Apache License 2.0

Authentication Loop in IFrame #11

Open wlumetsberger opened 2 years ago

wlumetsberger commented 2 years ago

If the Blazor page is embedded in an IFrame (Microsoft Teams WebsiteTab), the authentication ends up in a loop. Teams also uses federated authentication with Okta. Using the site standalone, the authentication works as expected:

AccountController is called -> Challenge is called -> Okta login does appear
OnTokenValidateEvent gets fired containing the authenticated user principal in args.Identity [image]
AccountController is called -> HttpContext.User is authenticated [image]

Using the same site in a Teams WebsiteTab, the steps are the following:

AccountController is called -> Challenge is called -> no Okta login appears (token is already here) [image]
OnTokenValidateEvent gets fired containing the authenticated user principal [image]
AccountController is called -> but now the user is not authenticated! --> Loop [image]

This is the configuration used: [image]

wlumetsberger commented 2 years ago

The issue also occurs during use in a standard IFrame: [image]

bryanapellanes-okta commented 2 years ago

@wlumetsberger, thanks for reaching out to report this! To help us reproduce and investigate the issue further, can you share a project/solution that reproduces the issue as you describe? I have added an item for internal tracking for further review.

wlumetsberger commented 2 years ago

@bryanapellanes-okta here is a link to the repo: https://github.com/wlumetsberger/okta-blazor-server-side-tests