Context:
- ASP.NET Core and Angular v10.3.0
I'm working on a project which uses openid as one way of authentication. Last week was working just fine, no issues. Suddendly monday morning: hell. For no reason all environments DEV, QA, Prod were unable to login using this feature. There was no deployment, in production a while. All of these Apps are hosted on Azure App Services and I've checked the configuration, and nothing "apperently" has changed. Funny part: Is working on localhost.
After being redirected from OpenID, the return url forces the browser with 302 http status and location request header listed below: (i've replace the real token, for security reasons) `HTTP/1.1 302 Found Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Location: http://example.com/account/login#id_token=ey{...}.eyJ{....}.{...}&state=Rn{..}6%3bopenIdConnect%253D1&session_state=558a7d74-e2cf-4e25-86ec-cd0a9f6f500f Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" x-ms-request-id: 96fbfb94-5412-460d-b1f9-d9e132bc7d00 x-ms-ests-server: 2.1.12011.8 - NEULR2 ProdSlices
Set-Cookie: fpc=ArP_u2aVQNNPkjsfQqhcuB4i0kDOBQAAAJyrytgOAAAA3201hQEAAACeq8rYDgAAAA; expires=Fri, 08-Oct-2021 13:03:56 GMT; path=/; secure; HttpOnly; Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly Referrer-Policy: strict-origin-when-cross-origin Date: Wed, 08 Sep 2021 13:03:56 GMT Connection: close Content-Length: 1756
Object moved to here.
`I can see for a split second the URL of my browser with the link above, but its very fast replaced with the default account/login route:
from:
https://example.com/account/login#id_token=ey{...}.eyJ{....}.{...}&state=Rn{..}6;openIdConnect%3D1&session_state=558a7d74-e2cf-4e25-86ec-cd0a9f6f500f
to
https//example.com/account/login
If i paste the url directly in the browser it works
https://example.com/account/login#id_token=ey{...}.eyJ{....}.{...}&state=Rn{..}6;openIdConnect%3D1&session_state=558a7d74-e2cf-4e25-86ec-cd0a9f6f500f
Another thing its that when i paste the url directly on the browser I have to press enter twice, maybe something related with the browsers, but i've experimented in FireFox, Brave, Edge and Chrome
Any hint/help would be great. Thanks
3 Answer(s)
-
0
Hi @rfrcarvalho
It is hard to determine the problem if your website is not updated at all. In that case, maybe a change on Azure side might cause the problem.
To detect the problem, you can add logging in your login.service.ts and you can also compare your login.service.ts with the latest version.
Thanks,
-
0
Can anyone close this ? Its solverd
Update: Nevermind this was related with another library used in the project. You can close.
Thanks anyway
-
0
Thanks @rfrcarvalho
