IdentityServer3 constant redirect on login only on mobile
I have a problem where my identity server works great with no problems logging in users on desktop computers. However, when I go to the webpage on a mobile app and log in I get a constant redirect situation.
It goes to the identity server the first time, I log in, and then when it redirects back to the app it automatically redirects back to identity server and back and forth.
If I stop the redirection (by hitting the stop button on the browser) then go to my site I am already logged in now.
I am using IdentityServer3 and ASP.NET Core.
The logs for the identity server show no error and successful logins. This happens if I log in with an external provider or a custom provider.
I thought it was something with Safari but I installed Chrome on my phone and it does the same thing.
I did some research and I don't think it is an http/https problem and I cannot add the Session_start because it doesn't exist in Core.
Can anyone think of a reason the mobile app would not work while the desktop app works fine? Any suggestions on any other logs I can check or things I can try?
```csharp
public void ConfigureServices(IServiceCollection services)
{
    // The cookie scheme holds the local session; OpenID Connect issues the challenge.
    services.AddAuthentication(options =>
    {
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    })
    .AddCookie(options =>
    {
        options.LoginPath = new PathString("/Login/Login/");
        options.AccessDeniedPath = new PathString("/Login/Login/");
    })
    .AddOpenIdConnect(options =>
    {
        options.Authority = _authenticationServer;
        options.ClientId = "...";
        options.ResponseType = "id_token";
        options.Scope.Add("openid");
        options.Scope.Add("email");
        options.Scope.Add("profile");
        options.UseTokenLifetime = false;
        options.TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = "name",
            // Issuer validation is switched off in this configuration.
            ValidateIssuer = false,
        };
        options.Events = new OpenIdConnectEvents
        {
            OnTokenValidated = context =>
            {
                // ...
                return Task.CompletedTask;
            }
        };
    });

    // Require an authenticated user on every MVC action by default.
    services.AddMvc(config =>
    {
        var policy = new AuthorizationPolicyBuilder()
            .RequireAuthenticatedUser()
            .Build();
        config.Filters.Add(new AuthorizeFilter(policy));
    })
    .AddJsonOptions(options =>
        options.SerializerSettings.ContractResolver = new DefaultContractResolver());

    services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
    services.AddSingleton(Configuration);
    services.AddMemoryCache();
    services.AddSession();
    services.AddKendo();
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }
    else
    {
        app.UseExceptionHandler("/Home/Error");
        app.UseHsts();
    }

    app.UseStaticFiles();
    app.UseSession();
    app.UseAuthentication();
    app.UseMvc(routes =>
    {
        routes.MapRoute(
            name: "default",
            template: "{controller=Home}/{action=Index}/{id?}");
    });
}
```
asp.net .net-core identityserver3
asked 2 days ago
JackSojourn
1 Answer
It's most likely a cookie storage problem. There are limits for cookie size that vary from browser to browser.
- After successful login browser gets redirected
- Server tries to set the cookie
- If cookie size exceeds the limit, browser gives a warning in the console, that cookie will be ignored
- Page reloads, but there is no authentication cookie set, so browser gets redirected to the login page
- Often "remember me" option is enabled, so cycle begins with step 1

Try to reduce the cookie size.
answered yesterday
Mikhail Zhuravlev
Thanks... I tried removing all my claims but the problem still exists. Is there another way to reduce the cookie size just to test? I'd like to verify if this is the problem.
– JackSojourn, yesterday
I verified that OnTokenValidated is called in my client app. Immediately after OnRedirectToIdentityProvider is called. I was also thinking if it's a cookie size problem then why does it work if I stop the redirects and refresh?
– JackSojourn, yesterday
Verified it only does it on an iPhone... Android works fine
– JackSojourn, 9 hours ago
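
One way to test the cookie-size theory from the answer above, as an added example that is not part of the original answer or comments: an ASP.NET Core middleware that logs the byte size of every `Set-Cookie` header the client app emits and the names of the cookies the browser sends back. The class name `CookieSizeDiagnosticsMiddleware` and the 4096-byte budget are assumptions made for illustration.

```csharp
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;

// Added diagnostic, not from the original post. Register it in Configure() before
// app.UseSession() and app.UseAuthentication():
//     app.UseMiddleware<CookieSizeDiagnosticsMiddleware>();
public class CookieSizeDiagnosticsMiddleware
{
    // Assumed per-cookie budget in bytes; actual limits vary from browser to browser.
    private const int PerCookieLimitBytes = 4096;

    private readonly RequestDelegate _next;
    private readonly ILogger<CookieSizeDiagnosticsMiddleware> _logger;

    public CookieSizeDiagnosticsMiddleware(
        RequestDelegate next, ILogger<CookieSizeDiagnosticsMiddleware> logger)
    {
        _next = next;
        _logger = logger;
    }

    public async Task Invoke(HttpContext context)
    {
        // Log names only, never values: cookie values are session credentials.
        _logger.LogInformation("{Method} {Path} received cookies: [{Names}]",
            context.Request.Method, context.Request.Path,
            string.Join(", ", context.Request.Cookies.Keys));

        // Response headers are final just before the body starts, so measure there.
        context.Response.OnStarting(() =>
        {
            foreach (var setCookie in context.Response.Headers["Set-Cookie"])
            {
                var name = setCookie.Split('=')[0];
                var bytes = Encoding.UTF8.GetByteCount(setCookie);
                if (bytes > PerCookieLimitBytes)
                {
                    _logger.LogWarning(
                        "Set-Cookie {Name} is {Bytes} bytes, over the {Limit}-byte budget",
                        name, bytes, PerCookieLimitBytes);
                }
                else
                {
                    _logger.LogInformation("Set-Cookie {Name} is {Bytes} bytes", name, bytes);
                }
            }
            return Task.CompletedTask;
        });

        await _next(context);
    }
}
```

If the log shows the authentication cookie being set on the sign-in callback but its name missing from the "received cookies" line of the next request, the browser did not keep it, and the logged size shows whether it was over the budget.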