Open Closed

Client validation failed because 'xxx' was not a valid redirect_uri for App_Web. #6031


User avatar
0
byte256 created
  • ABP Framework version: v7.3.3
  • UI Type: MVC
  • Database System: PostgreSQL
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace: Client validation failed because 'http://admin.xxx.app/signin-oidc' was not a valid redirect_uri for xx_Web.
  • Steps to reproduce the issue: [16:36:11 INF] The request URI matched a server endpoint: Authorization. [16:36:11 INF] The authorization request was successfully extracted: { "client_id": "xx_Web", "redirect_uri": "http://admin.xxx.app/signin-oidc", "response_type": "code id_token", "scope": "openid profile roles email phone xx", "response_mode": "form_post", "nonce": "638335893716720067.OGJiNTU1OWQtMDkwNC00MWI5LWI1NzYtMDkwNDczZTUwYTM4YTg5YjdkZGUtZmQ0NS00YmFmLTg4MmYtNGY1NjRjZmJmZDFm", "state": "CfDJ8FozKWCotsJOkQF5V6oOc10VCi3FAPHvxKgNDueGX0JFbaV2012WLuC8Y5FWWyN7NlyS7Mu1FDRPpnzYobz5I2kost25ZkCwVR1Jay7IsXyhnHTh6homq7Eu5Yjfz73lZtYOWq9BJAaZoDtAzm0914cd6MR5kRlfxtVQ5It3k_KT9iZvBx0vx66_kErrB_LXvmSKzjKufzolM5Pu3H0DH8e_pPXYOn_9y750PmAmDAohg-JGyZ4jUZ5LMTIXqN6HJc0-2tEKLcTKhK8d16PErIfOYFk5YAdAyms74bSHOMKAAyfDbE1nj6n1D5gaY6mcXQ", "x-client-SKU": "ID_NET6_0", "x-client-ver": "6.15.1.0" }. [16:36:11 INF] Client validation failed because 'http://admin.xxx.app/signin-oidc' was not a valid redirect_uri forxxx_Web. [16:36:11 INF] The authorization request was rejected because the redirect_uri was invalid: 'http://admin.xxx.app/signin-oidc'.

Database;


5 Answer(s)
  • User Avatar
    0
    byte256 created

    /up :|

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Client validation failed because 'http://admin.xxx.app/signin-oidc' was not a valid redirect_uri for SarJz_Web.

    I think the log is clear.

  • User Avatar
    0
    byte256 created

    Hi, i converted it from https to http but now i get the error 'An error was encountered while handling the remote login.'. and my site was working with https. (https://admin.xxx.app) http in the database is not a problem? @liangshiwei

    --------------- LOG -----------

    [04:39:15 INF] Request finished HTTP/1.1 GET http://admin.xxx.app/Abp/ApplicationLocalizationScript?cultureName=en-GB - - - 200 75516 application/javascript 38.9750ms [04:39:16 INF] Request starting HTTP/1.1 POST http://admin.xxx.app/?handler=Login application/x-www-form-urlencoded 182 [04:39:16 INF] Executing endpoint '/Index' [04:39:16 INF] Route matched with {page = "/Index", action = "", controller = "", area = ""}. Executing page /Index [04:39:16 INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy [04:39:16 INF] Executing handler method xx.Web.Pages.IndexModel.OnPostLoginAsync - ModelState is Valid [04:39:16 WRN] The cookie '.AspNetCore.OpenIdConnect.Nonce.CfDJ8O9p43pfRrhNnCgT0JWVgV-2zzx6WW9HFRKqkpmII_xEDD8JCwB9WIETXiCDf9Rd0iU_2GWPPAWkQtAa8mgOs1vwDZc0BTC0bjGgDz-iJ2mP20RSU0s2Q0OpxvwFmpOr6dGaO5RR1nM1dOMIVLhUMzv4EItFB3opAVYACKR3jELXiPbAFKVGXekrv-MVycHUcNs291Js9woSMu9wAkUdBv2jLkqKAyQuXT1-Qcadg9C1LO1S1U-PNJ3K9J6tsGGGjxiXnAWtE_xuEErTN1uN_Uw' has set 'SameSite=None' and must also set 'Secure'. [04:39:16 WRN] The cookie '.AspNetCore.Correlation.zk5sWPQlEKvBVPfKy5Hqb6ZK5CtUNGN4jeZKMr9fJFU' has set 'SameSite=None' and must also set 'Secure'. [04:39:16 INF] AuthenticationScheme: oidc was challenged. [04:39:16 INF] Executed handler method OnPostLoginAsync, returned result . [04:39:16 INF] Executing an implicit handler method - ModelState is Valid [04:39:16 INF] Executed an implicit handler method, returned result Microsoft.AspNetCore.Mvc.RazorPages.PageResult. [04:39:16 WRN] The cookie 'XSRF-TOKEN' has set 'SameSite=None' and must also set 'Secure'. [04:39:16 INF] Executed page /Index in 23.1401ms [04:39:16 INF] Executed endpoint '/Index' [04:39:16 INF] Request finished HTTP/1.1 POST http://admin.xxx.app/?handler=Login application/x-www-form-urlencoded 182 - 302 - text/html;+charset=utf-8 25.5812ms [04:39:16 INF] Request starting HTTP/1.1 POST http://admin.xxx.app/signin-oidc application/x-www-form-urlencoded 1585 [04:39:16 WRN] '.AspNetCore.Correlation.zk5sWPQlEKvBVPfKy5Hqb6ZK5CtUNGN4jeZKMr9fJFU' cookie not found. [04:39:16 INF] Error from RemoteAuthentication: Correlation failed.. [04:39:16 ERR] An unhandled exception has occurred while executing the request. System.Exception: An error was encountered while handling the remote login. ---> System.Exception: Correlation failed. --- End of inner exception stack trace --- at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Will it work if you try this? https://community.abp.io/posts/patch-for-chrome-login-issue-identityserver4-samesite-cookie-problem-weypwp3n

  • User Avatar
    0
    byte256 created

    Yes, that solved my problem! Thank you. <3

Made with ❤️ on ABP v9.1.0-preview. Updated on December 05, 2024, 12:19