
OpenId Connect after Upgrading from 10.3 to v12.4 #11716


medigmbh created

Hi,

We are currently working on an update of our ASP.NET Zero based application from version 10.3 to version 12.3 (ASP.NET Core, Angular). At this point we have everything working except the configuration of OpenId Connect.

The old working setting is:

```json
"OpenId": {
  "IsEnabled": "true",
  "ClientId": "xxxx",
  "ClientSecret": "xxxx",
  "LoginUrl": "https://login.microsoftonline.com/xxx/oauth2/v2.0/authorize",
  "ValidateIssuer": "true",
  "ClaimsMapping": [
    {
      "claim": "unique_name",
      "key": "preferred_username"
    },
    {
      "claim": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
      "key": "http://schemas.microsoft.com/identity/claims/objectidentifier"
    }
  ]
},
```

After upgrading the code we are not able to log in anymore.

What I am able to see is that the login.service.ts calls the oauthService to retrieve provider information via GetExternalAuthenticationProviders:

```json
{
  "name": "OpenIdConnect",
  "clientId": "xxx",
  "additionalParams": {
    "Authority": "https://login.microsoftonline.com/xxx/v2.0",
    "LoginUrl": "https://login.microsoftonline.com/xxx/oauth2/v2.0/authorize",
    "ValidateIssuer": "True",
    "ResponseType": ""
  }
}
```

The next step is passing the information to the oauthService via the configure method and retrieving the claims. The step to retrieve the claims fails with a null object.

login.service.ts:

```typescript
public openIdConnectLoginCallback(resp) {
    this.initExternalLoginProviders(() => {
        let openIdProvider = _filter(this.externalLoginProviders, {
            name: 'OpenIdConnect',
        })[0];
        console.log("Provider ", openIdProvider);
        let authConfig = this.getOpenIdConnectConfig(openIdProvider);
        console.log("Config ", authConfig);
        this.oauthService.configure(authConfig);
        this.spinnerService.show();

        let claims = this.oauthService.getIdentityClaims(); // <-- this line
        // ...
    });
}
```

claims is null. -> service-proxies.ts:42047 ERROR TypeError: Cannot read properties of null (reading 'sub')

Do you have any information on what has changed between these versions, or what I am currently doing wrong?

Regards,

Frank


5 Answer(s)
  • ismcagdas created
    Support Team

    Hi @medigmbh

    Are there any server-side logs related to this problem? Could you check that?

  • medigmbh created

    There are some logs but no errors. All calls to the backend return with 200. The only error I can see is the frontend one, with the empty claims.

    The token which I'm receiving from Azure:

    ```json
    {
      "aud": "xxx",
      "iss": "https://login.microsoftonline.com/xxxx/v2.0",
      "iat": xxx,
      "nbf": xxx,
      "exp": xxx,
      "aio": "xxx",
      "name": "xxx",
      "nonce": "xxx",
      "oid": "xxx",
      "preferred_username": "xxx",
      "rh": "xxx",
      "sub": "xxx",
      "tid": "xxx",
      "uti": "xxx",
      "ver": "2.0"
    }
    ```
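
A diagnostic for the situation described in this thread, as an added example that is not part of the original posts or of ASP.NET Zero: it decodes an ID token payload and compares it with a provider object shaped like the GetExternalAuthenticationProviders response quoted above. The function names, the sample tenant, the client id and the token are constructed assumptions.

```javascript
// Added example, not code from the thread or from ASP.NET Zero.
// Troubleshooting aid only: the payload is decoded WITHOUT signature verification.
function decodeJwtPayload(idToken) {
  const parts = String(idToken).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT (expected 3 segments)');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// provider: object shaped like the GetExternalAuthenticationProviders entry in the post.
function checkIdToken(idToken, provider, nowSec = Math.floor(Date.now() / 1000)) {
  const claims = decodeJwtPayload(idToken);
  const p = provider.additionalParams || {};
  const problems = [];
  // Issuer must match the configured Authority exactly when ValidateIssuer is on.
  if (String(p.ValidateIssuer).toLowerCase() === 'true' && claims.iss !== p.Authority) {
    problems.push(`iss "${claims.iss}" != Authority "${p.Authority}"`);
  }
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(provider.clientId)) problems.push('aud does not contain clientId');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) problems.push('token expired or exp missing');
  if (typeof claims.nbf === 'number' && claims.nbf > nowSec) problems.push('token not yet valid (nbf)');
  if (!claims.sub) problems.push('sub claim missing');
  return { claims, problems };
}

// Constructed sample data (placeholder tenant and client id, dummy signature).
function makeSampleToken(overrides = {}) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  const payload = Object.assign({
    aud: 'sample-client-id', iss: 'https://login.microsoftonline.com/sample-tenant/v2.0',
    iat: 1700000000, nbf: 1700000000, exp: 1700003600,
    nonce: 'n-123', sub: 'sample-subject', preferred_username: 'user@example.test', ver: '2.0',
  }, overrides);
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(payload)}.sig`;
}

const sampleProvider = {
  name: 'OpenIdConnect', clientId: 'sample-client-id',
  additionalParams: {
    Authority: 'https://login.microsoftonline.com/sample-tenant/v2.0',
    ValidateIssuer: 'True', ResponseType: '',
  },
};

console.log(checkIdToken(makeSampleToken(), sampleProvider, 1700000100).problems);
```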

  • ismcagdas created
    Support Team

    Hi,

    Is it possible to test this on your live app? If so, could you send its URL to [email protected]?

  • medigmbh created

    I am going to check whether I am allowed to deploy it to our test environment.

  • ismcagdas created
    Support Team

    Hi @medigmbh

    We got your email about this problem, we can continue via email and I will write the latest result here.