skoruba / IdentityServer4.Admin

The administration for the IdentityServer4 and Asp.Net Core Identity
MIT License

Always get Bad Request - Request Too Long #415

Closed kamalraturi closed 4 years ago

kamalraturi commented 4 years ago

I hosted all the applications (Dev branch) on a server, where Identity Server is working as expected, but when the IS4 admin makes the request for authentication, it is authenticated, and after the "Consent" step the error comes as "Bad Request - Request Too Long". HTTP Error 400. The size of the request headers is too long. FYI, I could see in the browser status bar that requests are circular for the admin app and the server. It's showing "waiting for [server1 IDS4]...." and then "waiting for [server2 admin]...." and keeps showing back and forth. Then the error comes as Bad Request - Request Too Long. Any help, please. https://test.com/ "Credentials are the same as in the documentation, but try it with email". The applications work well on my local dev machine.

For the SSL configuration, I am using free Cloudflare SSL for is4server. I used these settings as they are below:

    "CertificateConfiguration": {
        "UseTemporarySigningKeyForDevelopment": true,
        "CertificateStoreLocation": "LocalMachine",
        "CertificateValidOnly": true,
        .......
    }

Should I change it to something else? It might be causing this issue.

Here is the log created in is4.admin:

    2019-11-21 07:13:10.459 +01:00 [ERR] Message contains error: 'invalid_request', error_description: 'error_description is null', error_uri: 'error_uri is null', status code '400'.
    2019-11-21 07:13:10.459 +01:00 [ERR] Exception occurred while processing message.
    Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'invalid_request', error_description: 'error_description is null', error_uri: 'error_uri is null'.
       at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
       at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
    2019-11-21 07:13:10.461 +01:00 [ERR] An unhandled exception has occurred while executing the request.
    System.Exception: An error was encountered while handling the remote login. ---> Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'invalid_request', error_description: 'error_description is null', error_uri: 'error_uri is null'.
       at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
       at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
       --- End of inner exception stack trace ---
       at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
       at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
       at NWebsec.AspNetCore.Middleware.Middleware.CspMiddleware.Invoke(HttpContext context)
       at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
       at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
       at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
       at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
       at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
       at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)

skoruba commented 4 years ago

The issue is probably the SSL mode from Cloudflare, because in this mode HTTPS is not covered on the server. Look at this: https://example.com/.well-known/openid-configuration - all URLs are http only.
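
The check described in the comment above (read the discovery document and see whether the advertised URLs are http only), written out as an added example that is not part of the original thread or the project's code. The sample document, the host `sts.example.test` and the function names are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample: the shape of a discovery document served by an origin
# that only sees plain HTTP behind a TLS-terminating proxy. Host is a placeholder.
SAMPLE_DISCOVERY = json.loads("""
{
  "issuer": "http://sts.example.test",
  "jwks_uri": "http://sts.example.test/.well-known/openid-configuration/jwks",
  "authorization_endpoint": "http://sts.example.test/connect/authorize",
  "token_endpoint": "http://sts.example.test/connect/token",
  "scopes_supported": ["openid", "profile"],
  "response_types_supported": ["code", "id_token"]
}
""")


def advertised_urls(doc):
    """Yield (field, url) for every absolute http(s) URL in the document."""
    for field, value in doc.items():
        values = value if isinstance(value, list) else [value]
        for item in values:
            if isinstance(item, str) and urlsplit(item).scheme in ("http", "https"):
                yield field, item


def scheme_mismatches(doc, public_origin):
    """Return (field, url, reason) for URLs that are not https or not on the public host."""
    expected = urlsplit(public_origin)
    findings = []
    for field, url in advertised_urls(doc):
        got = urlsplit(url)
        if got.scheme != "https":
            findings.append((field, url, "not https"))
        elif got.netloc.lower() != expected.netloc.lower():
            findings.append((field, url, "unexpected host"))
    return findings


if __name__ == "__main__":
    # Against a real deployment, load the JSON fetched from
    # <public origin>/.well-known/openid-configuration instead of the sample.
    for field, url, reason in scheme_mismatches(SAMPLE_DISCOVERY, "https://sts.example.test"):
        print(f"{field}: {url} ({reason})")
```
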

skoruba commented 4 years ago

You can verify this issue on a test environment with this code snippet - try it in Startup.cs, in the Configure section:

    app.Use(async (context, next) =>
    {
        // In RELEASE builds, mark every request as HTTPS before the rest of the pipeline runs.
    #if RELEASE
        context.Request.Scheme = "https";
    #endif
        await next.Invoke();
    });

kamalraturi commented 4 years ago

> The issue is probably the SSL mode from Cloudflare, because in this mode HTTPS is not covered on the server. Look at this: https://test/.well-known/openid-configuration - all URLs are http only.

Yes, that is. What can I do to make them https?

kamalraturi commented 4 years ago

> You can verify this issue on a test environment with this code snippet - try it in Startup.cs, in the Configure section:
>
>     app.Use(async (context, next) =>
>     {
>     #if RELEASE
>         context.Request.Scheme = "https";
>     #endif
>         await next.Invoke();
>     });

This did the trick. Working now. I use the code.

kamalraturi commented 4 years ago

> The issue is probably the SSL mode from Cloudflare, because in this mode HTTPS is not covered on the server. Look at this: https://example.com/.well-known/openid-configuration - all URLs are http only.

Can you please remove my website link, if possible? ;)

skoruba commented 4 years ago

Deleted.