Base solution for your next web application
Open Closed

Why OpenId with ADFS suddendly stop working? #10573


User avatar
0
rfrcarvalho created

Context:

  • ASP.NET Core and Angular v10.3.0

I'm working on a project which uses openid as one way of authentication. Last week was working just fine, no issues. Suddendly monday morning: hell. For no reason all environments DEV, QA, Prod were unable to login using this feature. There was no deployment, in production a while. All of these Apps are hosted on Azure App Services and I've checked the configuration, and nothing "apperently" has changed. Funny part: Is working on localhost.

After being redirected from OpenID, the return url forces the browser with 302 http status and location request header listed below: (i've replace the real token, for security reasons) `HTTP/1.1 302 Found Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Location: http://example.com/account/login#id_token=ey{...}.eyJ{....}.{...}&state=Rn{..}6%3bopenIdConnect%253D1&session_state=558a7d74-e2cf-4e25-86ec-cd0a9f6f500f Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" x-ms-request-id: 96fbfb94-5412-460d-b1f9-d9e132bc7d00 x-ms-ests-server: 2.1.12011.8 - NEULR2 ProdSlices

Set-Cookie: fpc=ArP_u2aVQNNPkjsfQqhcuB4i0kDOBQAAAJyrytgOAAAA3201hQEAAACeq8rYDgAAAA; expires=Fri, 08-Oct-2021 13:03:56 GMT; path=/; secure; HttpOnly; Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly Referrer-Policy: strict-origin-when-cross-origin Date: Wed, 08 Sep 2021 13:03:56 GMT Connection: close Content-Length: 1756

Object moved to here.

`

I can see for a split second the URL of my browser with the link above, but its very fast replaced with the default account/login route: from: https://example.com/account/login#id_token=ey{...}.eyJ{....}.{...}&state=Rn{..}6;openIdConnect%3D1&session_state=558a7d74-e2cf-4e25-86ec-cd0a9f6f500f to https//example.com/account/login

If i paste the url directly in the browser it works https://example.com/account/login#id_token=ey{...}.eyJ{....}.{...}&state=Rn{..}6;openIdConnect%3D1&session_state=558a7d74-e2cf-4e25-86ec-cd0a9f6f500f

Another thing its that when i paste the url directly on the browser I have to press enter twice, maybe something related with the browsers, but i've experimented in FireFox, Brave, Edge and Chrome

Any hint/help would be great. Thanks


3 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @rfrcarvalho

    It is hard to determine the problem if your website is not updated at all. In that case, maybe a change on Azure side might cause the problem.

    To detect the problem, you can add logging in your login.service.ts and you can also compare your login.service.ts with the latest version.

    Thanks,

  • User Avatar
    0
    rfrcarvalho created

    Can anyone close this ? Its solverd

    Update: Nevermind this was related with another library used in the project. You can close.

    Thanks anyway

  • User Avatar
    0
    ismcagdas created
    Support Team

    Thanks @rfrcarvalho