IdentityServer 4 problems #142

Open
VidarM opened this issue Jul 13, 2021 · 0 comments
VidarM commented Jul 13, 2021

Hi Shazwazza!

Thanks for creating this cool package!

We have a problem using the latest version on Umbraco 8 and trying to connect to an IdentityServer 4.
We have been on this for 2 full days, with 2 developers.

  1. We never hit the ExternalCallback action.
  2. We try to get OwinContext.Authentication.GetExternalLoginInfoAsync() but it always returns null

As a note, the login into IdentityServer works. We get the tokens back, and all seems to work from there. But we do not get the external cookie back inside ConfigureUmbracoAuthentication.
It only returns

```
Context.Response.Headers[2].Key = "Set-Cookie"
Context.Response.Headers[2].Value = "OpenIdConnect.nounce.xxxxxxxxxxx=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure; HttpOnly; SameSite=None"
```

So it seems that the connection between IdentityServer and UmbracoIdentity is off.

Code at the bottom of the post.

Is there something special regarding the setup to get IdentityServer up and running with UmbracoIdentity?

```csharp
private static OpenIdConnectAuthenticationOptions CreateOidc(string providerName, string clientId, string authority, string redirectUri, string endpoint)
{
    var oidc = new OpenIdConnectAuthenticationOptions(providerName)
    {
        AuthenticationMode = AuthenticationMode.Active,

        Authority = authority,
        ClientId = clientId,
        RedirectUri = redirectUri,
        ResponseType = "code id_token token",
        Scope = "openid profile email bbl api",
        SignInAsAuthenticationType = "cookies",

        Notifications = new OpenIdConnectAuthenticationNotifications
        {
            RedirectToIdentityProvider = n =>
            {
                // if signing out, add the id_token_hint
                if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.Logout)
                {
                    var idTokenHint = n.OwinContext.Authentication.User.FindFirst("id_token");

                    if (idTokenHint != null)
                    {
                        n.ProtocolMessage.IdTokenHint = idTokenHint.Value;
                    }
                }

                return Task.FromResult(0);
            },
            AuthorizationCodeReceived = async notification =>
            {
                await ProcessAutorizationCodeReceived(notification, authority, clientId, "", redirectUri, endpoint);
            },
        },
    };

    return oidc;
}
```

```csharp
cookieOptions.Provider = new CookieAuthenticationProvider
{
    // Enables the application to validate the security stamp when the user
    // logs in. This is a security feature which is used when you
    // change a password or add an external login to your account.
    OnValidateIdentity = SecurityStampValidator
        .OnValidateIdentity<UmbracoMembersUserManager, UmbracoApplicationMember, int>(
            TimeSpan.FromMinutes(30),
            (manager, user) => user.GenerateUserIdentityAsync(manager),
            identity => identity.GetUserId())
};
app.UseCookieAuthentication(cookieOptions, PipelineStage.Authenticate);
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseIdentityServer2Authentication(.........);
```

Best regards
Vidar
