Hi,
We are currently working on an update of our ASP.NET Zero based application from version 10.3 to version 12.3 (ASP.NET Core Angular). At this point we have everything working except the configuration of OpenID Connect.
The old working setting is:
```json
"OpenId": {
  "IsEnabled": "true",
  "ClientId": "xxxx",
  "ClientSecret": "xxxx",
  "LoginUrl": "https://login.microsoftonline.com/xxx/oauth2/v2.0/authorize",
  "ValidateIssuer": "true",
  "ClaimsMapping": [
    {
      "claim": "unique_name",
      "key": "preferred_username"
    },
    {
      "claim": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
      "key": "http://schemas.microsoft.com/identity/claims/objectidentifier"
    }
  ]
},
```
After upgrading the code we are not able to log in anymore.
What I am able to see is that the login.service.ts calls the oauthService to retrieve provider information via GetExternalAuthenticationProviders:

```json
{
  "name": "OpenIdConnect",
  "clientId": "xxx",
  "additionalParams": {
    "Authority": "https://login.microsoftonline.com/xxx/v2.0",
    "LoginUrl": "https://login.microsoftonline.com/xxx/oauth2/v2.0/authorize",
    "ValidateIssuer": "True",
    "ResponseType": ""
  }
}
```

The next step is passing the information to the oauthService via the configure method and retrieving the claims. The step to retrieve the claims fails with a null object.
login.service.ts:
```typescript
public openIdConnectLoginCallback(resp) {
    this.initExternalLoginProviders(() => {
        let openIdProvider = _filter(this.externalLoginProviders, {
            name: 'OpenIdConnect',
        })[0];
        console.log("Provider ", openIdProvider);
        let authConfig = this.getOpenIdConnectConfig(openIdProvider);
        console.log("Config ", authConfig);
        this.oauthService.configure(authConfig);
        this.spinnerService.show();

        let claims = this.oauthService.getIdentityClaims(); // <-- line highlighted in the original post
        // (the posted snippet ends here)
```
claims is null. -> service-proxies.ts:42047 ERROR TypeError: Cannot read properties of null (reading 'sub')
Do you have any information on what has changed between these versions, or what I am currently doing wrong?
Regards,
Frank
5 Answer(s)
-
0
Hi @medigmbh
Are there any server-side logs related to this problem? Could you check that?
-
0
There are some logs but no errors. All calls to the backend return with 200. The only error I can see is the frontend one, with the empty claims.
The token which I'm receiving from Azure:

```
{
  "aud": "xxx",
  "iss": "https://login.microsoftonline.com/xxxx/v2.0",
  "iat": xxx,
  "nbf": xxx,
  "exp": xxx,
  "aio": "xxx",
  "name": "xxx",
  "nonce": "xxx",
  "oid": "xxx",
  "preferred_username": "xxx",
  "rh": "xxx",
  "sub": "xxx",
  "tid": "xxx",
  "uti": "xxx",
  "ver": "2.0"
}
```
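
An added example, not part of the thread and not the project's own code: one way to guard the step that fails above, by checking decoded ID-token claims against the configured Authority and ClientId before `sub` is read. The function names, tenant id, client id, nonce and token are constructed placeholders, and the signature is not verified here (that stays with the OIDC library or the backend).

```javascript
// Added example: check ID-token claims before reading `sub`.
// Decodes the payload only; signature verification is NOT done here.
function decodeJwtPayload(token) {
  if (typeof token !== 'string') return null;
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  try {
    // Node's 'base64' decoder also accepts the URL-safe alphabet used by JWTs.
    const payload = JSON.parse(Buffer.from(parts[1], 'base64').toString('utf8'));
    return payload !== null && typeof payload === 'object' ? payload : null;
  } catch {
    return null; // malformed segment or invalid JSON
  }
}

// Returns a list of problems; an empty list means the claims are usable.
function checkIdTokenClaims(claims, expected, nowSeconds) {
  if (claims === null || typeof claims !== 'object') {
    return ['no identity claims available'];
  }
  const problems = [];
  if (expected.validateIssuer && claims.iss !== expected.authority) {
    problems.push('iss does not match the configured Authority');
  }
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(expected.clientId)) problems.push('aud does not contain the ClientId');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSeconds) problems.push('token expired or exp missing');
  if (typeof claims.nbf === 'number' && claims.nbf > nowSeconds) problems.push('token not yet valid');
  if (claims.nonce !== expected.nonce) problems.push('nonce mismatch');
  if (typeof claims.sub !== 'string' || claims.sub === '') problems.push('sub missing');
  return problems;
}

// Constructed sample data (placeholder tenant and client ids), shaped like the thread's token.
const EXPECTED = {
  authority: 'https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/v2.0',
  clientId: 'example-client-id',
  validateIssuer: true,
  nonce: 'constructed-nonce',
};
function makeSampleToken(overrides) {
  const claims = { aud: EXPECTED.clientId, iss: EXPECTED.authority, iat: 1700000000,
    nbf: 1700000000, exp: 1700003600, nonce: EXPECTED.nonce, sub: 'constructed-subject',
    preferred_username: 'user@example.com', ver: '2.0', ...overrides };
  const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${b64url({ alg: 'RS256', typ: 'JWT' })}.${b64url(claims)}.constructed-signature`;
}
```
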
-
0
Hi,
Is it possible to test this on your live app? If so, could you send its URL to [email protected]?
-
0
I am going to check whether I am allowed to deploy it to our test environment.
-
0
Hi @medigmbh
We got your email about this problem, we can continue via email and I will write the latest result here.