search

skoruba / IdentityServer4.Admin

The administration for the IdentityServer4 and Asp.Net Core Identity
MIT License
3.57k stars 1.15k forks source link

Skoruba problem with Google Chrome #692

Open tojosmarce opened 4 years ago

tojosmarce commented 4 years ago

Hi,

I have a IdentityServer4 template with Skoruba. This work very good with Firefox, Opera, Edge; however, when I use Google Chrome an have problems.

I run the application and the login page and I write username and password and nothing happen. I don't get principal page Skroruba or an authentication error message.

What could be the problem?

skoruba commented 4 years ago

Hi, do you use latest version from master branch? Thanks

tojosmarce commented 4 years ago

I used this sentence to create: dotnet new -i Skoruba.IdentityServer4.Admin.Templates::1.0.0-rc1-update2

skoruba commented 4 years ago

Please, try use following latest version: dotnet new -i Skoruba.IdentityServer4.Admin.Templates::1.0.0-rc2-update1

tojosmarce commented 4 years ago

Thank you. I am going to try that.

tojosmarce commented 4 years ago

It works! Maybe, do you know what differences there are between code in Skoruba.IdentityServer4.Admin.Templates::1.0.0-rc1-update2 and Skoruba.IdentityServer4.Admin.Templates::1.0.0-rc2-update1 to make these changes in my initial solution?

cyril-iselin commented 4 years ago

Im not sure, may this change is related ?

https://github.com/skoruba/IdentityServer4.Admin/blame/master/src/Skoruba.IdentityServer4.Shared/Authentication/AuthenticationHelpers.cs

skoruba commented 4 years ago

Yes, this is related fix. 👍

tojosmarce commented 4 years ago

Hi Skoruba. I used dotnet new -i Skoruba.IdentityServer4.Admin.Templates::1.0.0-rc2-update1 and it works correctly to login within Skoruba; however I created a client for a web application and it works in Edge and Firefox , but I continue with problems Chrome and now in Opera.

  1. Chrome: I get an error after login page (error 500): http://localhost:3000/signin-oidc
  2. Opera: I dont get the login page, I watch only in navegation bar: https://localhost:44310/connect/authorize and and it stays loading.

Please, can you help me?

cyril-iselin commented 4 years ago

@tojosmarce
We get similar behaivor in chrome when you create the cookie on identyserver which is runnig under HTTPS and your Application then is running under Localhost (HTTP)

(When you do this, you have to disable in chrome the security option "cookies-without-same-site-must-be-secure") -> This will affect all sites not only localhost (...)

tojosmarce commented 4 years ago

Thank you cyril-iselin.

When we use Skoruba with https and our application with https too, it works correctlty. The problem is when Skoruba runs with https and our application with http. Any idea how can I configurate this? Or How do I do when Skoruba runs on http too?

cyril-iselin commented 4 years ago

May I'm wrong, but I think this is related to the security setting of the browser. Chrome does not allow transfer cookies from HTTPS to HTTP per default (see my comment about cookies-without-same-site-must-be-secure) . I don't think you can handle this within your code.

I think http to http should not be an issue (never tested it).

skoruba commented 4 years ago

@tojosmarce - why do you need http? Thanks

tojosmarce commented 4 years ago

We app had some problems with docker and https, however I am making some changes for https.