- ABP Framework version: v4.3.2
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
- Exception message and stack trace:
--- End of inner exception stack trace --- at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at IdentityServer4.Hosting.FederatedSignOut.AuthenticationRequestHandlerWrapper.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Tracing.AbpCorrelationIdMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<
- Steps to reproduce the issue:"
- conffiguration [ProjectName]HttpApiHostModule
context.Services.AddAuthentication()
.AddJwtBearer(options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
options.Audience = "ProjectName";
options.BackchannelHttpHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback =
HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
};
})
.AddOpenIdConnect("xxx", "xxx", options =>
{
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.SignOutScheme = IdentityServerConstants.SignoutScheme;
options.Authority = "https://xxx/";
options.CallbackPath = "/";
options.ClientSecret = configuration["MyIdAuthServer:ClientSecret"];
options.ClientId = configuration["MyIdAuthServer:ClientId"];
options.ResponseType = OpenIdConnectResponseType.Code;
options.BackchannelHttpHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback =
HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
};
});
- configuration launchSetting.json
"profiles": {
"IIS Express": {
"commandName": "IISExpress",
"launchBrowser": true,
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
},
"Project.HttpApi.Host": {
"commandName": "Project",
"launchBrowser": true,
"launchUrl": "swagger",
"applicationUrl": "https://localhost:44361",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
}
- run command
dotnet watch --project xxx run -c Debug --launch-profile=Project.HttpApi.Host
This exception don't affect normal use.
when I visit https://localhost:44361/home or https://localhost:44361/swagger, the program don't throw this exception msg, so I guess this question is because I add OpenId authentication , I think set program default application URL to https://localhost:44361/home or https://localhost:44361/swagger ,this question can be solved, but after I add "launchUrl": "swagger" to launchSetting.json file, it don't work.
PS: when I remove options.CallbackPath = "/"; of OpenId authentication, this exception msg is don't throw too, but I can't remove this setting, because if I do that, OpenId authentication can't work.
So can you help me? thanks a lot!
3 Answer(s)
-
1
Hi,
You can try:
options.CallbackPath = "/signin-oidc" -
0
Also, see: https://github.com/dotnet/aspnetcore/issues/8894#issuecomment-477718158
Its doesn't work like you think it does. Authentication Handlers run on every request, regardless of the path. The handler decides if it needs to intervene based on, among other things, the path.
For example; RemoteAuthenticationHandler (which OIDC uses) does it inside ShouldHandleEvent()
This default implementation looks at the Options for the handler, which contains a CallbackPath property, then compares the inbound request path against that value. The base implementation of HandleRequestAsync() calls this function right at the start to see if it needs to run. There's no registration or anything of that ilk.
-
0
I think I know the use of callback option in integration OIDC authentication, It's solved, thanks a lot.
