@gterdem,
Thank you for the additional details.
I wasn't understanding how to trigger the login flow from the start and thought there was something complex that needed to be done!
I have modified the page logic to show a button with a link to the public website (which is parsed from the model return url).
Upon returning to the website, the user must log in to restart the login flow.
It's one extra step, but will resolve the issue until a more permanent solution is implemented.
I appreciate the detailed response.
Can you please let me know what I need to change to update the button to trigger the login workflow from the start again?
Thank you.
Hi, any update on this?
We are going live soon and this is a critical issue for us.
Thanks
Shared with info@abp.io
Hi - any thoughts?
I sent the project link to info@abp.com.
Here are some more details on the exception that occurs when the RedirectAllowedUrls setting is added for the public website:
I created a new project with abp suite and was able to isolate the issue a little better.
ABP Framework version: v5.1.4 UI type: Angular DB provider: EF Core Tiered (MVC) or Identity Server Separated (Angular): yes Public website: yes
Running in locally with Null Email Sender in use.
The issue arises in the following scenario:
As a result of this issue, we had added a redirect setting (https://localhost:44306) in the appsettings for the identity server project:
"RedirectAllowedUrls": "http://localhost:4200,https://localhost:44307,https://localhost:44306"
When the redirect url is added, the exception described above is thrown (RemoteAuthentication: OpenIdConnectAuthenticationHandler: message.State is null or empty.).
We also tried with the RedirectAllowedUrl of "https://localhost:44306/signin-oidc" with the same result.
private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
{
context.Services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
})
.AddCookie("Cookies", options =>
{
options.ExpireTimeSpan = TimeSpan.FromDays(365);
})
.AddAbpOpenIdConnect("oidc", options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); ;
options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
options.ClientId = configuration["AuthServer:ClientId"];
options.ClientSecret = configuration["AuthServer:ClientSecret"];
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("role");
options.Scope.Add("email");
options.Scope.Add("phone");
options.Scope.Add("Portal");
});
}
I am encountering the same issue running the application locally, outside of docker.
a) Navigate to url:
https://localhost:44309/Account/Login?ReturnUrl=https%3A%2F%2Flocalhost%3A44306%2Fsignin-oidc
b) Login :
c) Exception:
d) web public log file:
2022-06-07 14:37:48.835 -07:00 [INF] Error from RemoteAuthentication: OpenIdConnectAuthenticationHandler: message.State is null or empty.. 2022-06-07 14:37:48.836 -07:00 [ERR] An unhandled exception has occurred while executing the request. System.Exception: An error was encountered while handling the remote login. ---> System.Exception: OpenIdConnectAuthenticationHandler: message.State is null or empty. --- End of inner exception stack trace --- at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.RequestLocalization.AbpRequestLocalizationMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<
This works - thanks!
