Open Closed

IdentityServer introspect and userinfo endpoint not available #10294


0
nagib.aouini created

Prerequisites

Please answer the following questions before submitting an issue. YOU MAY DELETE THE PREREQUISITES SECTION.

  • What is your product version? 10.3
  • What is your product type (Angular or MVC)? Angular
  • What is product framework type (.net framework or .net core)? .net core 5

Questions

  1. We activated the IdentitServer
  2. We access the .well-known/openid-configuration properly

"IdentityServer": { "IsEnabled": "true", "Authority": "https://localhost:44301/", "ApiName": "default-api",

The endpoint introspect https:/<app>/connect/introspect return an Error 404 ! like explained here https://identityserver4.readthedocs.io/en/latest/endpoints/introspection.html

<head> <title>ADMIN - Error</title>

&lt;link href=&quot;/view-resources/Views/Error/Index.css?v=8chyDsqrMk2dqzEb9NwpgKudCaENhDdlvh6dpWmjNzY&quot; rel=&quot;stylesheet&quot; /&gt;

</head> <div class="m-error_container"> <span class="m-error_title"> <h1> Error! </h1> </span> <p class="m-error_subtitle"> An internal error occurred during your request! </p> <p class="m-error_description"> </p> </div>

How we can access all IdentityServer endpoint so an external app can check accessToken and userInfo ?


5 Answer(s)
  • 0
    ismcagdas created
    Support Team

    Hi @nagib.aouini

    As I can see, endpoint exists in the latest version. Could you share how do you call this endpoint ?

    Thanks,

  • 0
    nagib.aouini created

    Hi This shows on error logs

    Exceptions caught: 'System.NotSupportedException: IDX10634: Unable to create the SignatureProvider. Algorithm: 'HS256', SecurityKey: 'Microsoft.IdentityModel.Tokens.RsaSecurityKey, KeyId: '8754EC1B28DDFA079D97CF996304434D', InternalId: '9n57E3u1vGm2iMFnZ88ZR-wxeDNgPVQ1Z8zDUeKWTqs'.' is not supported. The list of supported algorithms is available here: https://aka.ms/IdentityModel/supported-algorithms at Microsoft.IdentityModel.Tokens.CryptoProviderFactory.CreateSignatureProvider(SecurityKey key, String algorithm, Boolean willCreateSignatures, Boolean cacheProvider) at Microsoft.IdentityModel.Tokens.CryptoProviderFactory.CreateForVerifying(SecurityKey key, String algorithm, Boolean cacheProvider) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(Byte[] encodedBytes, Byte[] signature, SecurityKey key, String algorithm, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters) '. token: '{"alg":"HS256","typ":"JWT"}.{"sub":"2","name":"admin","http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress":"admin@defaulttenant.com","aspnet.identity.securitystamp":"NTYXATPGVEXNZTKHHHVUE6DX6I3276UF","role":["Admin","2e4f924305dd44ec8270d07ddec8ae4d","fd553750180b45479df2f646d6cd782a"],"http://www.aspnetboilerplate.com/identity/claims/tenantId":"1","jti":"ebdc1c24-f310-4e52-9f0a-ef3b50ed4146","iat":1620030164,"token_validity_key":"e9ab3352-67c5-4b39-84ba-0d81be05e62a","user_identifier":"2@1","token_type":"0","refresh_token_validity_key":"7db0b7f6-1731-4ff2-bd9e-7784967a2125","nbf":1620030164,"exp":1620116564,"iss":"ADMIN","aud":"ADMIN"}'. at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken) at IdentityServer4.Validation.TokenValidator.ValidateJwtAsync(String jwt, IEnumerable`1 validationKeys, Boolean validateLifetime, String audience)

  • 0
    ismcagdas created
    Support Team

    Hi,

    By default, AspNet Zero only configures AddDeveloperSigningCredential. Could you share how do you configure production certificate for Identity Server ? I think the problem is related to that.

  • 0
    nagib.aouini created

    Hi Team,

    I am following below urls. https://support.aspnetzero.com/QA/Questions/9495/Identity-server4-integration-EntityFramework-EF-as-the-storage-mechanism https://github.com/aspnetboilerplate/aspnetboilerplate/issues/5757

    I am implementing and creating the tables. I just wanted to confirm that am I on the right track? Is there any other help document which you can provide?

  • 0
    ismcagdas created
    Support Team