Open Closed

Why OpenId with ADFS suddendly stop working? #10573

rfrcarvalho created


  • ASP.NET Core and Angular v10.3.0

I'm working on a project which uses openid as one way of authentication. Last week was working just fine, no issues. Suddendly monday morning: hell. For no reason all environments DEV, QA, Prod were unable to login using this feature. There was no deployment, in production a while. All of these Apps are hosted on Azure App Services and I've checked the configuration, and nothing "apperently" has changed. Funny part: Is working on localhost.

After being redirected from OpenID, the return url forces the browser with 302 http status and location request header listed below: (i've replace the real token, for security reasons) `HTTP/1.1 302 Found Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Location:{...}.eyJ{....}.{...}&state=Rn{..}6%3bopenIdConnect%253D1&session_state=558a7d74-e2cf-4e25-86ec-cd0a9f6f500f Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" x-ms-request-id: 96fbfb94-5412-460d-b1f9-d9e132bc7d00 x-ms-ests-server: 2.1.12011.8 - NEULR2 ProdSlices

Set-Cookie: fpc=ArP_u2aVQNNPkjsfQqhcuB4i0kDOBQAAAJyrytgOAAAA3201hQEAAACeq8rYDgAAAA; expires=Fri, 08-Oct-2021 13:03:56 GMT; path=/; secure; HttpOnly; Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly Referrer-Policy: strict-origin-when-cross-origin Date: Wed, 08 Sep 2021 13:03:56 GMT Connection: close Content-Length: 1756

Object moved to here.


I can see for a split second the URL of my browser with the link above, but its very fast replaced with the default account/login route: from:{...}.eyJ{....}.{...}&state=Rn{..}6;openIdConnect%3D1&session_state=558a7d74-e2cf-4e25-86ec-cd0a9f6f500f to https//

If i paste the url directly in the browser it works{...}.eyJ{....}.{...}&state=Rn{..}6;openIdConnect%3D1&session_state=558a7d74-e2cf-4e25-86ec-cd0a9f6f500f

Another thing its that when i paste the url directly on the browser I have to press enter twice, maybe something related with the browsers, but i've experimented in FireFox, Brave, Edge and Chrome

Any hint/help would be great. Thanks

3 Answer(s)
  • 0
    ismcagdas created
    Support Team

    Hi @rfrcarvalho

    It is hard to determine the problem if your website is not updated at all. In that case, maybe a change on Azure side might cause the problem.

    To detect the problem, you can add logging in your login.service.ts and you can also compare your login.service.ts with the latest version.


  • 0
    rfrcarvalho created

    Can anyone close this ? Its solverd

    Update: Nevermind this was related with another library used in the project. You can close.

    Thanks anyway

  • 0
    ismcagdas created
    Support Team

    Thanks @rfrcarvalho