Unable to add OpenID Connect authentication scheme dynamically

Describe the bug

I am unable to add an OpenID Connect authentication scheme “dynamically” (outside of Startup.cs). Based on the discussion here, it sounds like it should be doable by following the DynamicSchemes sample, however that is not the case. I found this discussion in which another person is having the same issue.

To Reproduce

I made a fork of DynamicSchemes with the OpenID Connect code added to it to show what’s going on.

Steps to reproduce the behavior:

  1. Clone my DynamicSchemes fork
  2. Replace the “XXX” strings with an Authority, ClientID, and Client Secret for an OIDC provider of your choosing
  3. Run the sample
  4. Click the button under “Add OpenID Connect scheme” to add the scheme dynamically
  5. Click the “Sign in with OpenID Connect” button in the navbar to attempt to sign-in
  6. At this point you will get the following error: “InvalidOperationException: Provide Authority, MetadataAddress, Configuration, or ConfigurationManager to OpenIdConnectOptions”
  7. You can get around this by passing a ConfigurationManager to the OpenIdConnectOptions. Uncomment this line and fill in the “XXX” with the metadata address for your OIDC provider
  8. Run the sample again, you will get the following error: “NullReferenceException: Object reference not set to an instance of an object.”

Expected behavior

Signing in to the dynamically added OIDC scheme should work without errors.

Screenshots

N/A

Additional context

Add any other context about the problem here. Include the output of dotnet --info

    PS C:\git\AspNetCore\src\AuthSamples> dotnet --info
    .NET Core SDK (reflecting any global.json):
     Version:   3.0.100-preview-009812
     Commit:    e3abf6e935

    Runtime Environment:
     OS Name:     Windows
     OS Version:  10.0.17134
     OS Platform: Windows
     RID:         win10-x64
     Base Path:   C:\Program Files\dotnet\sdk\3.0.100-preview-009812\

    Host (useful for support):
      Version: 3.0.0-preview-27122-01
      Commit:  00c5c8bc40

    .NET Core SDKs installed:
      2.0.0 [C:\Program Files\dotnet\sdk]
      2.0.3 [C:\Program Files\dotnet\sdk]
      2.1.4 [C:\Program Files\dotnet\sdk]
      2.1.100 [C:\Program Files\dotnet\sdk]
      2.1.102 [C:\Program Files\dotnet\sdk]
      2.1.104 [C:\Program Files\dotnet\sdk]
      2.1.201 [C:\Program Files\dotnet\sdk]
      2.1.202 [C:\Program Files\dotnet\sdk]
      2.1.401 [C:\Program Files\dotnet\sdk]
      2.1.402 [C:\Program Files\dotnet\sdk]
      2.2.100 [C:\Program Files\dotnet\sdk]
      2.2.101 [C:\Program Files\dotnet\sdk]
      3.0.100-preview-009812 [C:\Program Files\dotnet\sdk]

    .NET Core runtimes installed:
      Microsoft.AspNetCore.All 2.1.2 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All]
      Microsoft.AspNetCore.All 2.1.4 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All]
      Microsoft.AspNetCore.All 2.2.0 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All]
      Microsoft.AspNetCore.App 2.1.2 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
      Microsoft.AspNetCore.App 2.1.4 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
      Microsoft.AspNetCore.App 2.2.0 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
      Microsoft.AspNetCore.App 3.0.0-preview-18579-0056 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
      Microsoft.NETCore.App 2.0.0 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.NETCore.App 2.0.3 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.NETCore.App 2.0.5 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.NETCore.App 2.0.6 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.NETCore.App 2.0.7 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.NETCore.App 2.0.9 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.NETCore.App 2.1.3-servicing-26724-03 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.NETCore.App 2.1.4 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.NETCore.App 2.2.0 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.NETCore.App 3.0.0-preview-27122-01 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
      Microsoft.WindowsDesktop.App 3.0.0-alpha-27128-4 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]

    To install additional .NET Core runtimes or SDKs:
      https://aka.ms/dotnet-download

Issue Analytics

  • State: closed
  • Created 5 years ago
  • Comments: 8 (2 by maintainers)

Top GitHub Comments

3 reactions
churstz commented, Jan 18, 2019

I agree with John, the dynamically added scheme for OIDC independent of multi-tenant does not work in the sample provided (even for a single scheme at runtime). I’m working with IdentityServer4 which will resolve the idp through the acr_values if present. When removing the (working) AddOpenIdConnect from Startup and into a LoginController using the IAuthenticationSchemeProvider and even the IPostConfigureOptions<OpenIdConnectOptions> an unhandled exception is chucked as the Options.ClientId is unable to be resolved. The IOptionsMonitorCache successfully adds the OpenIdConnectOptions with the named scheme.

    Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectOptions.Validate()
    Microsoft.AspNetCore.Authentication.RemoteAuthenticationOptions.Validate(string scheme)
    Microsoft.AspNetCore.Authentication.AuthenticationHandler<TOptions>.InitializeAsync(AuthenticationScheme scheme, HttpContext context)
    Microsoft.AspNetCore.Authentication.AuthenticationHandlerProvider.GetHandlerAsync(HttpContext context, string authenticationScheme)
    IdentityServer4.Hosting.FederatedSignOut.FederatedSignoutAuthenticationHandlerProvider.GetHandlerAsync(HttpContext context, string authenticationScheme) in FederatedSignoutAuthenticationHandlerProvider.cs

2 reactions
meavk commented, Apr 2, 2019

Faced same issue today. As it turns out, in the controller where I dynamically added new scheme, IPostConfigureOptions<OpenIdConnectOptions> was resolved to EnsureSignInScheme<TOptions>. As a workaround, created a new instance of OpenIdConnectPostConfigureOptions and called .PostConfigure(options) explicitly.

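    // Namespaces: Microsoft.AspNetCore.Authentication, Microsoft.AspNetCore.Authentication.OpenIdConnect,
    // Microsoft.AspNetCore.DataProtection, Microsoft.AspNetCore.Mvc, Microsoft.Extensions.Options
    private readonly IAuthenticationSchemeProvider _oidcSchemeProvider;
    private readonly IOptionsMonitorCache<OpenIdConnectOptions> _oidcOptionsCache;
    private readonly OpenIdConnectPostConfigureOptions _oidcPostConfigureOptions;

    public AuthenticationController(
        IAuthenticationSchemeProvider schemeProvider,
        IOptionsMonitorCache<OpenIdConnectOptions> optionsCache,
        IDataProtectionProvider dataProtection)
    {
        _oidcSchemeProvider = schemeProvider;
        _oidcOptionsCache = optionsCache;
        // Created by hand rather than injected (the injected instance was EnsureSignInScheme)
        _oidcPostConfigureOptions = new OpenIdConnectPostConfigureOptions(dataProtection);
    }

    public IActionResult AddExternalIdentityProvider()
    {
        // Placeholders ("XXX", as in the issue): the original snippet did not show how these were built
        var scheme = "XXX";
        var oidcOptions = new OpenIdConnectOptions { Authority = "XXX", ClientId = "XXX", ClientSecret = "XXX" };
        // Apply the OIDC post-configuration before caching the options
        _oidcPostConfigureOptions.PostConfigure(scheme, oidcOptions);
        _oidcOptionsCache.TryAdd(scheme, oidcOptions);
        // Register the scheme itself, as the DynamicSchemes sample does for its own handler
        _oidcSchemeProvider.AddScheme(new AuthenticationScheme(scheme, scheme, typeof(OpenIdConnectHandler)));
        return Ok();
    }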

@HaoK, it’ll be helpful to have this issue looked into. Appreciate this design. With earlier versions, it was far more difficult to achieve this.
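
Added example, not part of the GitHub thread or the DynamicSchemes sample: one way to register an OIDC scheme at runtime so that it gets the same post-configuration and validation as a scheme registered at startup, and fails at registration instead of on the first sign-in. `DynamicOidcSchemeRegistrar` and `Add` are hypothetical names, and the class is assumed to be registered in DI.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.Options;

// Hypothetical helper; not part of ASP.NET Core or the DynamicSchemes sample.
public class DynamicOidcSchemeRegistrar
{
    private readonly IAuthenticationSchemeProvider _schemes;
    private readonly IOptionsMonitorCache<OpenIdConnectOptions> _cache;
    private readonly List<IPostConfigureOptions<OpenIdConnectOptions>> _postConfigures;

    public DynamicOidcSchemeRegistrar(
        IAuthenticationSchemeProvider schemes,
        IOptionsMonitorCache<OpenIdConnectOptions> cache,
        IEnumerable<IPostConfigureOptions<OpenIdConnectOptions>> postConfigures,
        IDataProtectionProvider dataProtection)
    {
        _schemes = schemes;
        _cache = cache;
        // Injecting the IEnumerable yields every registration; a single
        // IPostConfigureOptions<T> parameter yields only the last one registered.
        _postConfigures = postConfigures.ToList();
        // If AddOpenIdConnect() was never called at startup, add the OIDC step by hand.
        if (!_postConfigures.OfType<OpenIdConnectPostConfigureOptions>().Any())
            _postConfigures.Insert(0, new OpenIdConnectPostConfigureOptions(dataProtection));
    }

    public void Add(string scheme, Action<OpenIdConnectOptions> configure)
    {
        var options = new OpenIdConnectOptions();
        configure(options);
        // Run the steps the options framework would run for a startup-registered scheme.
        foreach (var step in _postConfigures)
            step.PostConfigure(scheme, options);
        // The same check the handler runs in InitializeAsync; throws here if
        // ClientId, CallbackPath or ConfigurationManager is still missing.
        options.Validate(scheme);
        if (!_cache.TryAdd(scheme, options))
            throw new InvalidOperationException($"Options for scheme '{scheme}' already exist.");
        _schemes.AddScheme(new AuthenticationScheme(scheme, scheme, typeof(OpenIdConnectHandler)));
    }
}
```

The `configure` callback decides which `Authority` the application will trust for sign-in, so it should take that value from trusted configuration rather than from request input.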
