Monday, January 16, 2017

ASP.NET Core: OpenIdConnectMiddleware returns 401 after oidc was challenged

The application we are working on is using OpenID Connect(OIDC) to externalize authentication. However after configuring the OIDC middleware(Microsoft.AspNetCore.Authentication.OpenIdConnect)in ASP.NET Core it failed to work.

Instead of being redirected to the Identity Provider (by returning a 302) I got a 401 and the page just remains blank Sad smile.  Inside my output logs I could see the following:

'FrontEnd.Web.exe' (CLR v4.0.30319: FrontEnd.Web.exe): Loaded 'C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled.

Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectMiddleware: Information: AuthenticationScheme: oidc was challenged.

Microsoft.AspNetCore.Hosting.Internal.WebHost: Information: Request finished in 444.9692ms 401 

On GitHub I found that there are some problems with the newer versions(1.1.*) of Authentication.Cookies and OpenIdConnect nuget packages. By changing the version back to 1.0.*.  I was able to solve the issue.

No comments: