I have a project that uses Identityserver 4 with Blazor server. With .Net 5, it worked like a charm, both on development and when deployed. I updated to .Net 6 and Duende Identity server. After updating the project, it works on development, but I get this error after I accept the consents the and Idp server redirects to my application.
"ArgumentNullException: IDX10000: The parameter 'json' cannot be a 'null' or an empty object. (Parameter 'json')
Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage..ctor(string json)"
System.ArgumentNullException: IDX10000: The parameter 'json' cannot be a 'null' or an empty object. (Parameter 'json')
at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage..ctor(String json)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
I have spent days on this issue, but could not end with a solution. I appreciate a lot if anybody can help me on this issue.
I found a solution. In ISS, I set the Application pool identity to "localSystem" for the site running IDP, and it is running now.
Related
I am trying to get a Blazor Server project running using the Microsoft Identity Platform. I run through all of the steps, and then run the project, and get this exception:
OException: IDX20807: Unable to retrieve document from: 'https://stangrentals.b2clogin.com/StangRentals.onmicrosoft.com/b2c_1_susi/v2.0/.well-known/openid-configuration'. HttpResponseMessage: 'StatusCode: 404, ReasonPhrase: 'Not Found'
Obviously, something is incorrect about the URL, but it is unclear to me what the issue is.
I have posted the full reproduce issues details here, but I am basically accepting all of the defaults and then trying to run the project to no avail.
I'm build a project using SignalR.
As Front I'm using .Net Core, as Back I'm using React.
So in my localhost the project is working, but when i deploy this project i get an error.
In azure I have created:
2 web application - one used for cliend, and the other one for server.
1 Azure SignalR service (i tested it online and it worked)
1 Azure SQL Database
So when i try to invoke Method it now working and show me this error. Someone know how to solve this problem?
Please check this ASP.NET Core SignalR connection
troubleshooting | Microsoft Docs which helps to check errors
that can occur when trying to connectto an ASP.NET Core SignalR hub.
One common cause is that app enforce HTTPS by calling
UseHttpsRedirection in Startup, or enforces HTTPS via URL rewrite
rule.
So If it is the cause try to change the URL on the client side from
"http" to "https". like > .withUrl("https://xxx/HubName")
Also please go through c# - Could not connect to Azure SignalR Hub -
Stack Overflow And check if the signalR url endpoint for client
is correctly given
var signalrUrl = "https://myazuresignalr.service.signalr.net/client/?hub=yourHubName"
Please note that sending the exception this way to the client is
insecure .So try to either throw a HubException or set
EnableDetailedErrors on the server.See HandleErrors when :Use
hubs in ASP.NET Core SignalR | Microsoft Docs
Reference:
Invoke hub's method which throw ArgumentException, client gets
HubException: An unexpected error occurred · Issue azure-signalr ·
GitHub
So the problem was that my Database was empty... the migration did not upload, Update the database solved it.
I have a Blazor WA Application that is using Identity Server 4 Service for authenticating users. Everything works fine locally. The issue comes when I try and publish to Azure. Since the IDS is published at one address and Blazor at another, i get the X-Frame error when calling from "https://blazor..."
"Refused to display 'https://identity...' in a frame because it set 'X-Frame-Options' to 'sameorigin'."
I've added
builder.Services.AddAntiforgery(options =>
{
options.SuppressXFrameOptionsHeader = true;
});
to the Blazor startup and to the Identity start up (just for giggles) but the error remains.
Any ideas?
TYIA
The short answer is to set the CORS settings in Azure to allow all (*) or the specific URL in question "https://blazor...".
I had done that at one point but for some reason it didn't work. After consulting with an Azure tech we tried it again and it worked.
¯_(ツ)_/¯
I have an API built with Web API 2 (VB.Net), running on IIS 7.5 that relies on Windows Authentication and is queried by an AngularJS app. Everything has worked fine for a year or so but we now have a user that we've changed their username a couple of days ago as they have recently got married.
All normal Windows login processes work with the new username however the credentials that the API tries to use always refers to the old username.
AngularJS:
$http.get($rootScope.urlAPI + 'access/', {
cache: false,
withCredentials: true
}).success
...
Web API 2:
<HttpGet>
<Route("api/access")>
<ResponseType(GetType(UserAccessDTO))>
<NoCachePolicy>
<Authorize> _
Function GetStaffAccessForApp() As UserAccessDTO
Dim objUser As System.Security.Principal.WindowsPrincipal = RequestContext.Principal
Dim strUsername As String = objUser.Identity.Name
' strUsername is somehow returning their old username
...
strUsername is somehow returning their old username
Directly querying the API from the browser returns the same JSON result with the old username so I don't believe the issue is specifically with the AngularJS app but somewhere between the browser and the API...
This issue occurs from both IE11 and Google Chrome and I've tried clearing the browser cache, deleted cookies and also tried restarting the API's web-site service in IIS to reload the API.
We only have 2 domain controllers and it's been a couple of days so they are definitely synced and I've scrolled through the attributes of her account but can find no reference to her old username there so I'm at a loss as to where this is coming from :(
For anyone else with similar issue, it seems to have resolved only after a reboot of the servers. We conducted regular monthly maintenance which involves progressive restart of all servers. Somewhere between rebooting domain controllers, database server and API server it has resolved the issue for the user this morning.
A bit disappointing we couldn't nail down exactly where it was... but probably cached somewhere.
I have a SL navigation application, that currently runs on a shared hosting package with a 3rd party ISP. I can login, and register using the ASP.NET membership and role providers.
I have now setup a dedicated server, on which only my app will run. It does not yet have a domain name that points to it... I access it via an IP address.
I've copied the entire site (including the ClientBin and all the XAP's) to the new server, but the Authentication and Registration services don't work... they just return NotFound.
When I check Fiddler on the working site, this service is called :
www.myaddress.com/ClientBin/MyApp-Web-AuthenticationService.svc/binary/Login
which of course succeeds. However, on the other site, the fiddler trace looks the same (because I just copied the site) :
123.123.123.123/ClientBin/MyApp-Web-AuthenticationService.svc/binary/Login
but, the call fails with NotFound. Fiddler reports it as HTTP/1.1 500 Internal Server Error. When I open
http://localhost/ClientBin/MyApp-Web-AuthenticationService.svc/binary/Login
on the server, I get the HTTP/1.1 500, as well as this description :
Handler "svc-Integrated" has a bad module "ManagedPipelineHandler" in its module list
Which leads me to believe that there is something wrong with my IIS config, as the exact same code is working on another system.
What is a "bad module"? How do I fix it?
Normally this type of error is that ASP.Net is not activated or that a handler for svc is not registered or registered correctly.
In your case is looks a bit different. It could be that you have .net framework 4.0 code that you are trying to run in a .net framework 2.0 application pool.
IIS 500 errors often show up with more information in the Windows Event log - if you can somehow get access to that?
Also I've noticed that often the server will actually send debugging output back to the client that everything seems to ignore. Have you checked the entire raw response that is coming back from the server to see if there are any clues there?