OpenIddict integration always results in invalid redirect_uri error #12223 | Support Center

clahey created 18 days ago

Hi,

We are trying to use the aspnet zero system as an external auth provider for a marketing website. We have configured the app settings accordingly: "OpenIddict": { "IsEnabled": "true", "Applications": [ { "ClientId": "client", "ClientSecret": "def2edf7-5d42-4edc-a84a-30136c340e13", "DisplayName": "etransit_App", "ConsentType": "Explicit", "RedirectUris": [ "https://localhost:44342/signin-oidc", "https://localhost:44342" ], "PostLogoutRedirectUris": [], "Scopes": [ "default-api", "profile", "openid", "email", "phone", "address" ], "Permissions": [ "ept:token", "ept:authorization", "gt:password", "gt:client_credentials", "gt:authorization_code", "rst:code", "rst:code id_token" ] } ] } And are running the etransit web host project. In order to make the request, we are using this sample umbraco project. https://github.com/jbreuer/Umbraco-OpenIdConnect-Example Specifically this file - https://github.com/jbreuer/Umbraco-OpenIdConnect-Example/blob/main/Umbraco-OpenIdConnect-Example.Core/Extensions/UmbracoBuilderExtensions.cs With the settings updated for the aspnet zero application: "OpenIdConnect": { "MetadataAddress": "https://localhost:44301/.well-known/openid-configuration", "ClientId": "client", "ClientSecret": "def2edf7-5d42-4edc-a84a-30136c340e13", "LogoutUrl": "https://localhost:44301/logout", "ReturnAfterLogout": "https://localhost:44342/" }

However, when trying to authenticate, we receive the following error: error:invalid_request error_description:The specified 'redirect_uri' is not valid for this client application. error_uri:https://documentation.openiddict.com/errors/ID2043

This is the url in the browser when we receive the error: https://localhost:44301/connect/authorize?client_id=client&redirect_uri=https%3A%2F%2Flocalhost%3A44342%2Fsignin-oidc&response_type=code&scope=openid%20profile&code_challenge=wMNJT4QoiT7y9Boxhz5IQHNvQzo1MHyF4Y1lJ2oGSHI&code_challenge_method=S256&response_mode=form_post&nonce=638664064041654643.YTQzYzc0MzAtOWQyNy00ZjNiLTg2ZjMtMTQwYTM2ZWUzYTE2NTlhY2VhOGQtMTFmMi00YjA3LWE3NmItOWNlOWUzNDliYWNi&state=CfDJ8DTfbC_8CzBKrpYXkEW7lEHZsthRRkGeXEeRdPB9k51hNTD1db2pGFcHUQfjGEir7gr3co_4QRf6W7R4_Cvgv_1TM5YYFIBPFpxC3Ytf_xeJ1xVSHG72l9-GBo4SHc3DLW2eW8UndDWh-payTgrFSX0QG8ihUNt7O4L7IbzQybs708hs1nQ6Cb5ZxcgBvx8SbBij_h6Vg-LTTvcS0cALyUyMCCB7AqIg2cMru5ZukC83g77BnCje_APBBAia8klxhjrIclMYQJsw_Ah8INHzsNHztph9nyK-IGzBwjVf9SFB6ncRgRusVn8fiwwquNXx3BeeW1qS7MDuqvnc4I9asmO74LOW4UhYRV8ZsRAU2xDR_yL9T1JjoS_oaErm1mKIKb9pFRCO8rox-kunl681uAGh3g5WAM5bdVnCV8BFoZfhx3v6sTr_5gU7nKGcJktA2KKqLRoi-VnenfoxTToyzztQgvgnfJ2cmr4nA79jfsiU8tZYvyrMcoyiwl68SSXTIS0uxCYTfW1VaZvTh6TBolS8F1NNT2taa2HtRIO4lZTlBmypDC1dSP5FmKoKZq4tZvDG2BJ01cgAhDGbh7s8S_5MSs-EWTZ9xBk1rZidXmWpQkffsx28WV7QXlozVpc5DoS4EFS39pzrRibDuOzCAGylGAjXlFQXmqikPsyC26ifq9OfUVZay_T2aL0iJjvf45wLJp8uRchzO-rvyzakbOjnD-3K__dZ-4UdQQbG9T13&x-client-SKU=ID_NET8_0&x-client-ver=8.0.2.0

As you can see, the redirect_uri matches exactly what is defined in the application settings so we are stuck on what this error could really be pointing to. Can you please advise? Are we missing a piece of configuration somewhere?

Thanks

4 Answer(s)

0

oguzhanagir created 18 days ago
Support Team

Hi clahey

Is Redis active in your project? Try clearing your Redis. If this doesn’t solve the issue, could you please send your project to [email protected] so that we can reproduce the issue on our end?
0

oguzhanagir created 18 days ago
Support Team

Hi clahey

The reason for this error is that the ClientId value in the OpenIddictApplications table does not match the RedirectUris value specified in your appsettings.json. To fix this error, you can either delete this entry from the database and recreate it using SeedWorker based on the values in appsettings.json, or manually update the value in the database. Alternatively, you can specify a new ClientId in appsettings.json.
0

clahey created 12 days ago

Hi oguzhanagir,

I updated the db ([OpenIddictApplications] table) but now receive an error that the client id is invalid. I have checked that the client id in the db matches exactly with the client id in the umbraco application.

localhost:44301/connect/authorize?client_id=client&redirect_uri=https%3A%2F%2Flocalhost%3A44342%2Fsignin-oidc&response_type=code&scope=openid profile&code_challenge=oXT8rx4MrpNCGiqX0ZTuZsuOYy0ABuaHFQfcdcw0v_E&code_challenge_method=S256&response_mode=form_post&nonce=638665094411147229.NjU1NmZlNjMtMGU4Ny00YTBiLTk2ZWItZGZjNzEzMGQyMWMwZmFlZmI3MDQtNzY5Yi00OThhLWFiMTktOGM5NDEwY2YwNjY2&state=CfDJ8DTfbC_8CzBKrpYXkEW7lEGOg-fGgK2Y99PPaV_fRADddfI92DXAW6IEIRAdgKbIcip3IxiY-U2lIZsIV94sdHINeBEGp5w41W-f5mC66yzQN8CB1aM1PjroDQKNETWgzn2vgLOB8jBGPHNWLSEX-dg57M4G3CTGWtak7pDJ5mar_4fJmoa3QRbvwUTfBLsPrI3XvonpHhzmhdblU2XXPTda0zcGjjaEQ86beoPUexxbKN1daLMA9vEgb83ZyXgoCiltYq-L_eIzJH3tdTdIGp91VnFc-qMa_UbSjdeUhiPyTGskaH3N_4ZYzU_JFy0i02a1p5sd7vXVUnVW_9m8_N52J0NHmXBI2phn2lLj2yGOk6UDaSGQQKDv9FYx95eZHIPEr7GEK2V6vngcXbP0Wbl9gZaUMviAMszQEaShfpARWKH8Y1IDgBYiT5lMtVDvguLHS5yIN4g4PpsJIAmNTHP28lQxDvWT_42ypL1hKUJqq8Zn2blIHaRqlZ5ve9gsnKljgzsAFJovpSJyFM_dueH4bcna3uhKet4in8lYRq0rvGDmrJ3b1yksmyu_ywMey6jTA97a6nd_qqxEDwzIhj1ZP0Jay2s8er_6Sw3lljNRB_wG1Dv4hRtFv9-eSWMO-7wz-BbX5VZBEl5zxGUhkOAbNd0w73ZVbe553qiXZn3RDQ_7B86lUujXRhPcBc6UTQXiiPYN5HJqS3ch49pAO407UHxNS5H42C1sYRdBRBvZ&x-client-SKU=ID_NET8_0&x-client-ver=8.0.2.0

error:invalid_request error_description:The specified 'client_id' is invalid. error_uri:https://documentation.openiddict.com/errors/ID2052
0

oguzhanagir created 12 days ago
Support Team

Hi clahey

Can you create a new unique value as the Client value in appsettings.json? Can you change the value you gave in Umbraco application? You can also clear data in related tables. When you run the application, data will be generated according to the client name you added.

Have an answer to this question? Log in and write your answer.