Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[Bug] signInManager.GetExternalLoginInfoAsync() always returns null

See original GitHub issue

Which Version of Microsoft Identity Web are you using ? Microsoft Identity Web 0.1.1-preview

Application

  1. Create new project -> ASP.NET Core Web Application -> Web Application (Model-View-Controller). Authentication: Individual User Accounts (Store user accounts in-app).
  2. Replace AddAzureAd with AddSignIn

for details see https://github.com/AzureAD/microsoft-identity-web/issues/133#issuecomment-621042225 below

In this I only added two things: Where is the issue? -> Sign-in user

In our application we use .NET Core Identity Framework (local DB) and external login provider. So we have multiple authentication provider and some users sign in directly (via .NET Core Identity Framework) and some via AAD. Calling signInManager.GetExternalLoginInfoAsync() leads to null return value with the updated code. Maybe it has to do with the appsettings property "CookieSchemeName": "Identity.External". Because this was necessary to get external AAD login working. As stated here. Maybe it will be ignored by now.

So we replaced the following code:

services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
    .AddAzureAD(options => Configuration.Bind("AzureAd", options));

with that one:

services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
	.AddSignIn(Configuration, "AzureAd", subscribeToOpenIdConnectMiddlewareDiagnosticsEvents: true);

appsettings.json section was not modified:

"AzureAd": {
	"Instance": "https://login.microsoftonline.com/",
	"Domain": "xyz.com",
	"TenantId": "AEEE9884-9E13-41E7-A25F-304C44407A78",
	"ClientId": "787EBDED-B77E-4CFC-BAA0-2D2B00C41B4F",
	"CallbackPath": "/signin-oidc",
	"SignedOutCallbackPath ": "/signout-callback-oidc",
	"CookieSchemeName": "Identity.External"
}

Login with the “old” code leads to the following log entries:

Anforderung gestartet: "POST" https://localhost:44338/Account/ExternalLogin?returnurl=%2F
[11:51:27 INF] Request starting HTTP/2.0 POST https://localhost:44338/Account/ExternalLogin?returnurl=%2F application/x-www-form-urlencoded 199
[11:51:27 DBG] POST requests are not supported
[11:51:27 DBG] 1 candidate(s) found for the request path '/Account/ExternalLogin'
[11:51:27 DBG] Endpoint 'Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation)' with route pattern '{controller=Home}/{action=Index}/{id?}' is valid for the request path '/Account/ExternalLogin'
[11:51:27 DBG] Request matched endpoint 'Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation)'
[11:51:27 DBG] AuthenticationScheme: Identity.Application was not authenticated.
[11:51:27 INF] Executing endpoint 'Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation)'
[11:51:27 INF] Route matched with {action = "ExternalLogin", controller = "Account", area = "", page = ""}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult ExternalLogin(System.String, System.String) on controller Monitoring.Controllers.AccountController (ToSec.Presentation).
[11:51:27 DBG] Execution plan of authorization filters (in the following order): ["Microsoft.AspNetCore.Mvc.RequireHttpsAttribute (Order: -2147483598)", "Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.ValidateAntiforgeryTokenAuthorizationFilter"]
[11:51:27 DBG] Execution plan of resource filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"]
[11:51:27 DBG] Execution plan of action filters (in the following order): ["Microsoft.AspNetCore.Mvc.Filters.ControllerActionFilter (Order: -2147483648)", "Microsoft.AspNetCore.Mvc.ModelBinding.UnsupportedContentTypeFilter (Order: -3000)", "ToSec.Presentation.Filters.GlobalActionFilter"]
[11:51:27 DBG] Execution plan of exception filters (in the following order): ["None"]
[11:51:27 DBG] Execution plan of result filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"]
[11:51:27 DBG] Antiforgery successfully validated a request.
[11:51:27 DBG] Executing controller factory for controller Monitoring.Controllers.AccountController (ToSec.Presentation)
[11:51:27 DBG] Executed controller factory for controller Monitoring.Controllers.AccountController (ToSec.Presentation)
[11:51:27 DBG] Attempting to bind parameter 'provider' of type 'System.String' ...
[11:51:27 DBG] Attempting to bind parameter 'provider' of type 'System.String' using the name 'provider' in request data ...
[11:51:27 DBG] Done attempting to bind parameter 'provider' of type 'System.String'.
[11:51:27 DBG] Done attempting to bind parameter 'provider' of type 'System.String'.
[11:51:27 DBG] Attempting to validate the bound parameter 'provider' of type 'System.String' ...
[11:51:27 DBG] Done attempting to validate the bound parameter 'provider' of type 'System.String'.
[11:51:27 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' ...
[11:51:27 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' using the name 'returnUrl' in request data ...
[11:51:27 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'.
[11:51:27 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'.
[11:51:27 DBG] Attempting to validate the bound parameter 'returnUrl' of type 'System.String' ...
[11:51:27 DBG] Done attempting to validate the bound parameter 'returnUrl' of type 'System.String'.
[11:51:27 DBG] Found the endpoints ["Route: {controller=Home}/{action=Index}/{id?}"] for address Microsoft.AspNetCore.Routing.RouteValuesAddress
[11:51:27 DBG] Successfully processed template {controller=Home}/{action=Index}/{id?} for Route: {controller=Home}/{action=Index}/{id?} resulting in /Account/ExternalLoginCallback and ?ReturnUrl=%2F
[11:51:27 DBG] Link generation succeeded for endpoints ["Route: {controller=Home}/{action=Index}/{id?}"] with result /Account/ExternalLoginCallback?ReturnUrl=%2F
[11:51:27 INF] Executing ChallengeResult with authentication schemes (["AzureAD"]).
[11:51:28 DBG] HandleChallenge with Location: https://login.microsoftonline.com/AEEE9884-9E13-41E7-A25F-304C44407A78/oauth2/authorize?client_id=787EBDED-B77E-4CFC-BAA0-2D2B00C41B4F&redirect_uri=https%3A%2F%2Flocalhost%3A44338%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=637236642882492420.OGM1ZjUwYmQtNDhlNy00MjBhLTgwOGQtNjJiMmI3MDhmYWU1ODQwNzMyYmItZWZhMy00MjU4LWFlOTUtNWYxMDNhNDVlZTZj&state=CfDJ8DR5ohJGZplEj7fE6niEf5TIKMEHyRD-oDyJtjJbZcP6NIYNFr0sxKhd_tM0GOUeD0V-3YOM-0ZN0IQAgzVxqmVT-gd3huPfKtjoeUwE3XeBqh90cmNRV1GA272tumVVvtus4mvzfvFV86lXKgZNAj5L45PtvUbFqaNSxOedOxqA5Z-iryRClLHJGEgzRPTKaVFPKGP9HIao84jWLj2I1Vt_D4LW_upKDHMe9pKyz44sOtKqk5QZBBi-L5vUTwWlvmCneQAf_-HK9FDmh7jxfFN1ivv1y4vizTCjbPhYmKu9Asg0y161fHJUGjXFXjizyM5d--AaIpOjYVoOkhUs7uQP65_tGIDvLuaHoQitGEECRbZ323FzDy4BJGedvN2Lig&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0; and Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8DR5ohJGZplEj7fE6niEf5QkFlfME3SuURGltzRK9258MMeLcTGJ4L9xT4IsOorGHJP6h6QnzMomF3KcTPNXm8W9sucd8y0k9-evg9Js7m1sOKX9S2U3PDqU3-vDyN_gTvY2wzWhrX5vV2m7RuHP8Gg3pP4Rei8XWYz_kHT0qKLw6CP4C--YUzRA0_EIrySyz7L78WS4L-jJG3yy6m2Qg8v0aUt08VfTZXnD80T77zn6xTy2IvALDXCwWZEuyfva3XafcS1vpd-UkwWiLKoyWWU=N; expires=Tue, 28 Apr 2020 10:06:28 GMT; path=/signin-oidc; secure; samesite=none; httponly,.AspNetCore.Correlation.AzureADOpenID.gSC-tfIIol9Bk8uJuoIMlrNGq4mmXHPXYc1-5p2xhoE=N; expires=Tue, 28 Apr 2020 10:06:28 GMT; path=/signin-oidc; secure; samesite=none; httponly.
[11:51:28 INF] AuthenticationScheme: AzureADOpenID was challenged.
[11:51:28 INF] Executed action Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation) in 606.8715ms
[11:51:28 INF] Executed endpoint 'Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation)'
[11:51:28 INF] HTTP POST /Account/ExternalLogin?returnurl=%2F responded 302 in 644.2759 ms
Response sent: https://localhost:44338/Account/ExternalLogin?returnurl=%2F with HTTP status 302.0
Response sent: https://localhost:44338/Account/ExternalLogin?returnurl=%2F with HTTP status 302.0
[11:51:28 INF] Request finished in 652.3097ms 302 
Response sent: https://localhost:44338/Account/ExternalLogin?returnurl=%2F with HTTP status 302.0
Anforderung gestartet: "POST" https://localhost:44338/signin-oidc
[11:51:28 INF] Request starting HTTP/2.0 POST https://localhost:44338/signin-oidc application/x-www-form-urlencoded 1907
[11:51:28 DBG] POST requests are not supported
[11:51:28 DBG] No candidates found for the request path '/signin-oidc'
[11:51:28 DBG] Request did not match any endpoints
[11:51:28 DBG] Updating configuration
[11:51:28 DBG] Received 'id_token'
[11:51:28 INF] AuthenticationScheme: Identity.External signed in.
[11:51:28 INF] HTTP POST /signin-oidc responded 302 in 208.8467 ms
Response sent: https://localhost:44338/signin-oidc with HTTP status 302.0
Response sent: https://localhost:44338/signin-oidc with HTTP status 302.0
[11:51:28 INF] Request finished in 212.6102ms 302 
Response sent: https://localhost:44338/signin-oidc with HTTP status 302.0
Anforderung gestartet: "GET" https://localhost:44338/Account/ExternalLoginCallback?ReturnUrl=%2F
[11:51:28 INF] Request starting HTTP/2.0 GET https://localhost:44338/Account/ExternalLoginCallback?ReturnUrl=%2F  
[11:51:28 DBG] The request path /Account/ExternalLoginCallback does not match a supported file type
[11:51:28 DBG] 1 candidate(s) found for the request path '/Account/ExternalLoginCallback'
[11:51:28 DBG] Endpoint 'Monitoring.Controllers.AccountController.ExternalLoginCallback (ToSec.Presentation)' with route pattern '{controller=Home}/{action=Index}/{id?}' is valid for the request path '/Account/ExternalLoginCallback'
[11:51:28 DBG] Request matched endpoint 'Monitoring.Controllers.AccountController.ExternalLoginCallback (ToSec.Presentation)'
[11:51:28 DBG] AuthenticationScheme: Identity.Application was not authenticated.
[11:51:28 INF] Executing endpoint 'Monitoring.Controllers.AccountController.ExternalLoginCallback (ToSec.Presentation)'
[11:51:28 INF] Route matched with {action = "ExternalLoginCallback", controller = "Account", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] ExternalLoginCallback(System.String, System.String) on controller Monitoring.Controllers.AccountController (ToSec.Presentation).
[11:51:28 DBG] Execution plan of authorization filters (in the following order): ["Microsoft.AspNetCore.Mvc.RequireHttpsAttribute (Order: -2147483598)"]
[11:51:28 DBG] Execution plan of resource filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"]
[11:51:28 DBG] Execution plan of action filters (in the following order): ["Microsoft.AspNetCore.Mvc.Filters.ControllerActionFilter (Order: -2147483648)", "Microsoft.AspNetCore.Mvc.ModelBinding.UnsupportedContentTypeFilter (Order: -3000)", "ToSec.Presentation.Filters.GlobalActionFilter"]
[11:51:28 DBG] Execution plan of exception filters (in the following order): ["None"]
[11:51:28 DBG] Execution plan of result filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"]
[11:51:28 DBG] Executing controller factory for controller Monitoring.Controllers.AccountController (ToSec.Presentation)
[11:51:28 DBG] Executed controller factory for controller Monitoring.Controllers.AccountController (ToSec.Presentation)
[11:51:28 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' ...
[11:51:28 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' using the name 'returnUrl' in request data ...
[11:51:28 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'.
[11:51:28 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'.
[11:51:28 DBG] Attempting to validate the bound parameter 'returnUrl' of type 'System.String' ...
[11:51:28 DBG] Done attempting to validate the bound parameter 'returnUrl' of type 'System.String'.
[11:51:28 DBG] Attempting to bind parameter 'remoteError' of type 'System.String' ...
[11:51:28 DBG] Could not find a value in the request with name '' for binding parameter 'remoteError' of type 'System.String'.
[11:51:28 DBG] Done attempting to bind parameter 'remoteError' of type 'System.String'.
[11:51:28 DBG] Done attempting to bind parameter 'remoteError' of type 'System.String'.
[11:51:28 DBG] Attempting to validate the bound parameter 'remoteError' of type 'System.String' ...
[11:51:28 DBG] Done attempting to validate the bound parameter 'remoteError' of type 'System.String'.
[11:51:28 DBG] AuthenticationScheme: Identity.External was successfully authenticated.

Login with the “new” code leads to the following log entries:

Anforderung gestartet: "POST" https://localhost:44338/Account/ExternalLogin?returnurl=%2F
[11:57:48 INF] Request starting HTTP/2.0 POST https://localhost:44338/Account/ExternalLogin?returnurl=%2F application/x-www-form-urlencoded 205
[11:57:48 DBG] POST requests are not supported
[11:57:48 DBG] 1 candidate(s) found for the request path '/Account/ExternalLogin'
[11:57:48 DBG] Endpoint 'Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation)' with route pattern '{controller=Home}/{action=Index}/{id?}' is valid for the request path '/Account/ExternalLogin'
[11:57:48 DBG] Request matched endpoint 'Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation)'
[11:57:48 DBG] AuthenticationScheme: Identity.Application was not authenticated.
[11:57:48 INF] Executing endpoint 'Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation)'
[11:57:48 INF] Route matched with {action = "ExternalLogin", controller = "Account"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult ExternalLogin(System.String, System.String) on controller Monitoring.Controllers.AccountController (ToSec.Presentation).
[11:57:48 DBG] Execution plan of authorization filters (in the following order): ["Microsoft.AspNetCore.Mvc.RequireHttpsAttribute (Order: -2147483598)", "Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.ValidateAntiforgeryTokenAuthorizationFilter"]
[11:57:48 DBG] Execution plan of resource filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"]
[11:57:48 DBG] Execution plan of action filters (in the following order): ["Microsoft.AspNetCore.Mvc.Filters.ControllerActionFilter (Order: -2147483648)", "Microsoft.AspNetCore.Mvc.ModelBinding.UnsupportedContentTypeFilter (Order: -3000)", "ToSec.Presentation.Filters.GlobalActionFilter"]
[11:57:48 DBG] Execution plan of exception filters (in the following order): ["None"]
[11:57:48 DBG] Execution plan of result filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"]
[11:57:48 DBG] Antiforgery successfully validated a request.
[11:57:48 DBG] Executing controller factory for controller Monitoring.Controllers.AccountController (ToSec.Presentation)
[11:57:48 DBG] Executed controller factory for controller Monitoring.Controllers.AccountController (ToSec.Presentation)
[11:57:48 DBG] Attempting to bind parameter 'provider' of type 'System.String' ...
[11:57:48 DBG] Attempting to bind parameter 'provider' of type 'System.String' using the name 'provider' in request data ...
[11:57:48 DBG] Done attempting to bind parameter 'provider' of type 'System.String'.
[11:57:48 DBG] Done attempting to bind parameter 'provider' of type 'System.String'.
[11:57:48 DBG] Attempting to validate the bound parameter 'provider' of type 'System.String' ...
[11:57:48 DBG] Done attempting to validate the bound parameter 'provider' of type 'System.String'.
[11:57:48 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' ...
[11:57:48 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' using the name 'returnUrl' in request data ...
[11:57:48 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'.
[11:57:48 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'.
[11:57:48 DBG] Attempting to validate the bound parameter 'returnUrl' of type 'System.String' ...
[11:57:48 DBG] Done attempting to validate the bound parameter 'returnUrl' of type 'System.String'.
[11:57:48 DBG] Found the endpoints ["Route: {controller=Home}/{action=Index}/{id?}"] for address Microsoft.AspNetCore.Routing.RouteValuesAddress
[11:57:48 DBG] Successfully processed template {controller=Home}/{action=Index}/{id?} for Route: {controller=Home}/{action=Index}/{id?} resulting in /Account/ExternalLoginCallback and ?ReturnUrl=%2F
[11:57:48 DBG] Link generation succeeded for endpoints ["Route: {controller=Home}/{action=Index}/{id?}"] with result /Account/ExternalLoginCallback?ReturnUrl=%2F
[11:57:48 INF] Executing ChallengeResult with authentication schemes (["OpenIdConnect"]).
[11:57:48 DBG] 1. Begin OnRedirectToIdentityProviderAsync
[11:57:48 DBG]    Sending OpenIdConnect message:
[11:57:48 DBG]    - ClientId=787EBDED-B77E-4CFC-BAA0-2D2B00C41B4F
[11:57:48 DBG]    - EnableTelemetryParameters=True
[11:57:48 DBG]    - EnableTelemetryParametersByDefault=True
[11:57:48 DBG]    - Nonce=637236646687340282.ZDU4MTE0YzQtODlhNC00YzVkLWJlYzMtZGQ2ZTU2NGRkMmRiZDIwYjFiMzEtODUyZS00YmYwLWIzM2EtMGE4OGQ5N2Y0OTNh
[11:57:48 DBG]    - RedirectUri=https://localhost:44338/signin-oidc
[11:57:48 DBG]    - RequestType=Authentication
[11:57:48 DBG]    - ResponseMode=form_post
[11:57:48 DBG]    - ResponseType=id_token
[11:57:48 DBG]    - Scope=openid profile
[11:57:48 DBG]    - SkuTelemetryValue=ID_NETSTANDARD2_0
[11:57:48 DBG]    - IssuerAddress=https://login.microsoftonline.com/dc242542-da90-4334-90e6-9271f2d1f21e/oauth2/v2.0/authorize
[11:57:48 DBG]    - Parameters=System.Collections.Generic.Dictionary`2[System.String,System.String]
[11:57:48 DBG]    - PostTitle=Working...
[11:57:48 DBG]    - Script=<script language="javascript">window.setTimeout('document.forms[0].submit()', 0);</script>
[11:57:48 DBG]    - ScriptButtonText=Submit
[11:57:48 DBG]    - ScriptDisabledText=Script is disabled. Click Submit to continue.
[11:57:48 DBG] 1. End - OnRedirectToIdentityProviderAsync
[11:57:48 DBG] HandleChallenge with Location: https://login.microsoftonline.com/AEEE9884-9E13-41E7-A25F-304C44407A78/oauth2/v2.0/authorize?client_id=787EBDED-B77E-4CFC-BAA0-2D2B00C41B4F&redirect_uri=https%3A%2F%2Flocalhost%3A44338%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=637236646687340282.ZDU4MTE0YzQtODlhNC00YzVkLWJlYzMtZGQ2ZTU2NGRkMmRiZDIwYjFiMzEtODUyZS00YmYwLWIzM2EtMGE4OGQ5N2Y0OTNh&state=CfDJ8DR5ohJGZplEj7fE6niEf5S2C6OCw-M1evKq_337mbU9PBMC1Ht9Ao5xNoce0d62cIlPvoFb5E8LLiArmXC2jAjpaFrHOMRML7oLaE3M6AMteYt-sYTnmlG7kcwkZgT7QM4bO4-c4L8K5KmJTmN_lpYs19Qif1keXM7jPiht7YBy-FClqm2cSrrNzDeXCjPVN7DiVDUoygQ3phlCapglxCphIcEn-HkVYQseLWDCwfdj51vl3NMze9YGWojBYMTxtNndY_b_pH0aVO76IkvR6Rf8kh6HlkX6w8OkXl8qB0DGexNh5YXR5pb98GtnstasV8WCm-MyKrXZFbSMX3A72f-I0FIneeiQikZ1VP4Se8L0gWNVPL9jLa4xZxDXBOCrQCHlUkEuC_QO5KIKj9AzlpQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0; and Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8DR5ohJGZplEj7fE6niEf5RrLor66Y_-5OrVyG5Fq9emKvC2nf1AkED8NOjrnxZfpifC8JdUw7Khup8ep05a65GSwXaT7O3g6dPlam_ZsIQGb2Mr4-Mnh7AnQWS9vTnG9Oj1GUF449ZUqDroEPnQOiqeRveQzswfADYBAhbjexOcJ9WqcsNcc3MF5PCt8GnvQdDdrbaCQz5Sqg0xZ-03ATi9TBgs3z5YVEVieUlFpllaRFYzENxFJreVjdGaAo8Zo4WkVCu6qz9qR7wZEMzcpgY=N; expires=Tue, 28 Apr 2020 10:12:48 GMT; path=/signin-oidc; secure; samesite=none; httponly,.AspNetCore.Correlation.OpenIdConnect.9TUfulEgkJ30nsYk-XwNP-w_Kt4xSe5IkpoLvBosM18=N; expires=Tue, 28 Apr 2020 10:12:48 GMT; path=/signin-oidc; secure; samesite=none; httponly.
[11:57:48 INF] AuthenticationScheme: OpenIdConnect was challenged.
[11:57:48 INF] Executed action Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation) in 11.6731ms
[11:57:48 INF] Executed endpoint 'Monitoring.Controllers.AccountController.ExternalLogin (ToSec.Presentation)'
[11:57:48 INF] HTTP POST /Account/ExternalLogin?returnurl=%2F responded 302 in 15.9658 ms
Response sent: https://localhost:44338/Account/ExternalLogin?returnurl=%2F with HTTP status 302.0
[11:57:48 INF] Request finished in 18.7003ms 302 
[11:57:48 DBG] Connection ID "17654110545197924495" disconnecting.
Response sent: https://localhost:44338/Account/ExternalLogin?returnurl=%2F with HTTP status 302.0
Anforderung gestartet: "POST" https://localhost:44338/signin-oidc
[11:57:49 INF] Request starting HTTP/2.0 POST https://localhost:44338/signin-oidc application/x-www-form-urlencoded 1774
[11:57:49 DBG] POST requests are not supported
[11:57:49 DBG] No candidates found for the request path '/signin-oidc'
[11:57:49 DBG] Request did not match any endpoints
[11:57:49 DBG] 2. Begin OnMessageReceivedAsync
[11:57:49 DBG]    Received from STS the OpenIdConnect message:
[11:57:49 DBG]    - EnableTelemetryParameters=True
[11:57:49 DBG]    - EnableTelemetryParametersByDefault=True
[11:57:49 DBG]    - IdToken=Id-Token is set but I removed it from log entry
[11:57:49 DBG]    - RequestType=Authentication
[11:57:49 DBG]    - SessionState=16d0f1fd-df4c-4af7-984c-78de75ac8849
[11:57:49 DBG]    - SkuTelemetryValue=ID_NETSTANDARD2_0
[11:57:49 DBG]    - IssuerAddress=
[11:57:49 DBG]    - Parameters=System.Collections.Generic.Dictionary`2[System.String,System.String]
[11:57:49 DBG]    - PostTitle=Working...
[11:57:49 DBG]    - Script=<script language="javascript">window.setTimeout('document.forms[0].submit()', 0);</script>
[11:57:49 DBG]    - ScriptButtonText=Submit
[11:57:49 DBG]    - ScriptDisabledText=Script is disabled. Click Submit to continue.
[11:57:49 DBG] 2. End - OnMessageReceivedAsync
[11:57:49 DBG] Updating configuration
[11:57:49 DBG] Received 'id_token'
[11:57:49 DBG] 3. Begin OnTokenValidatedAsync
[11:57:49 DBG] 3. End - OnTokenValidatedAsync
[11:57:49 INF] AuthenticationScheme: Cookies signed in.
[11:57:49 INF] HTTP POST /signin-oidc responded 302 in 11.9594 ms
Response sent: https://localhost:44338/signin-oidc with HTTP status 302.0
Response sent: https://localhost:44338/signin-oidc with HTTP status 302.0
[11:57:49 INF] Request finished in 13.988ms 302 
Response sent: https://localhost:44338/signin-oidc with HTTP status 302.0
Anforderung gestartet: "GET" https://localhost:44338/Account/ExternalLoginCallback?ReturnUrl=%2F
[11:57:49 INF] Request starting HTTP/2.0 GET https://localhost:44338/Account/ExternalLoginCallback?ReturnUrl=%2F  
[11:57:49 DBG] The request path /Account/ExternalLoginCallback does not match a supported file type
[11:57:49 DBG] 1 candidate(s) found for the request path '/Account/ExternalLoginCallback'
[11:57:49 DBG] Endpoint 'Monitoring.Controllers.AccountController.ExternalLoginCallback (ToSec.Presentation)' with route pattern '{controller=Home}/{action=Index}/{id?}' is valid for the request path '/Account/ExternalLoginCallback'
[11:57:49 DBG] Request matched endpoint 'Monitoring.Controllers.AccountController.ExternalLoginCallback (ToSec.Presentation)'
[11:57:49 DBG] AuthenticationScheme: Identity.Application was not authenticated.
[11:57:49 INF] Executing endpoint 'Monitoring.Controllers.AccountController.ExternalLoginCallback (ToSec.Presentation)'
[11:57:49 INF] Route matched with {action = "ExternalLoginCallback", controller = "Account"}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] ExternalLoginCallback(System.String, System.String) on controller Monitoring.Controllers.AccountController (ToSec.Presentation).
[11:57:49 DBG] Execution plan of authorization filters (in the following order): ["Microsoft.AspNetCore.Mvc.RequireHttpsAttribute (Order: -2147483598)"]
[11:57:49 DBG] Execution plan of resource filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"]
[11:57:49 DBG] Execution plan of action filters (in the following order): ["Microsoft.AspNetCore.Mvc.Filters.ControllerActionFilter (Order: -2147483648)", "Microsoft.AspNetCore.Mvc.ModelBinding.UnsupportedContentTypeFilter (Order: -3000)", "ToSec.Presentation.Filters.GlobalActionFilter"]
[11:57:49 DBG] Execution plan of exception filters (in the following order): ["None"]
[11:57:49 DBG] Execution plan of result filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"]
[11:57:49 DBG] Executing controller factory for controller Monitoring.Controllers.AccountController (ToSec.Presentation)
[11:57:49 DBG] Executed controller factory for controller Monitoring.Controllers.AccountController (ToSec.Presentation)
[11:57:49 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' ...
[11:57:49 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' using the name 'returnUrl' in request data ...
[11:57:49 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'.
[11:57:49 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'.
[11:57:49 DBG] Attempting to validate the bound parameter 'returnUrl' of type 'System.String' ...
[11:57:49 DBG] Done attempting to validate the bound parameter 'returnUrl' of type 'System.String'.
[11:57:49 DBG] Attempting to bind parameter 'remoteError' of type 'System.String' ...
[11:57:49 DBG] Could not find a value in the request with name '' for binding parameter 'remoteError' of type 'System.String'.
[11:57:49 DBG] Done attempting to bind parameter 'remoteError' of type 'System.String'.
[11:57:49 DBG] Done attempting to bind parameter 'remoteError' of type 'System.String'.
[11:57:49 DBG] Attempting to validate the bound parameter 'remoteError' of type 'System.String' ...
[11:57:49 DBG] Done attempting to validate the bound parameter 'remoteError' of type 'System.String'.
[11:57:49 DBG] AuthenticationScheme: Identity.External was not authenticated.

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:24

github_iconTop GitHub Comments

7reactions
jmprieurcommented, Dec 6, 2020

@jennyf19 thanks for your PR.

I just tested the scenario and this works fine with your modification when ensuring that the cookieScheme is set to null

dotnet new mvc --auth Individual

Change the ConfigureServices(IServiceCollection services) to add the likes your proposed:

// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
 services.AddDbContext<ApplicationDbContext>(options =>
      options.UseSqlite(Configuration.GetConnectionString("DefaultConnection")));
            
 services.AddDatabaseDeveloperPageExceptionFilter();

 services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
   .AddEntityFrameworkStores<ApplicationDbContext>();
 services.AddControllersWithViews();

 services.AddAuthentication()
   .AddMicrosoftIdentityWebApp(Configuration, cookieScheme: null); 
}

And this works! This proposes the OpenIdConnect button, which registers the user.

When the PR is merged, we’d want to document the scenario in the wiki

6reactions
erik1988commented, Dec 11, 2020

Thanks! I found that this works works well: services.AddAuthentication() .AddMicrosoftIdentityWebApp(Configuration,"AzureAd", "AzureAD", cookieScheme: null);

With the “AzureAD” it will look for the existing entry in “AspNetUserLogins” table, without it you may get some issues as it will try to register the user and then give an error saying that the email already exist.

Read more comments on GitHub >

github_iconTop Results From Across the Web

asp.net core - _signInManager.GetExternalLoginInfoAsync ...
GetExternalLoginInfoAsync() to not return null and for the [Authorize] attribute to work for users who log in using Github.
Read more >
GetExternalLoginInfoAsync always returns null
GetExternalLoginInfoAsync, always results in a null value being returned regardless of the authentication provider.
Read more >
OWIN's GetExternalLoginInfoAsync Always Returns null-Asp ...
use this custom function to get logininfo. obviously microsoft has a bug for getexternallogininfoasync when requesting over web api.
Read more >
AuthenticationManager.GetExternalLoginInfoAsync() ...
GetExternalLoginInfoAsync ();" starts returning null randomly or frequently. When the application is deployed on production intially it runs well ...
Read more >
External Identity Provider with ASP.NET Core Identity
Once an external user logs in to our system, they will always bring an identifier that is unique for that user in our...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

[Bug] Adding Redis as Distributed Cache Triggers NullReferenceException

Next page

[Feature Request] Simplify AuthenticationBuilder.AddSignIn extension method for web app