auth0-samples / auth0-aspnet-owin-mvc-samples
Quickstart and samples for ASP.NET (OWIN) MVC
License: MIT License
Hi,
I am trying to see how the MvcApplication sample works, so I did the following steps
Could you please help me to figure it out?
Microsoft's OWIN implementation (Katana) does some funny business where sometimes the cookies set by an OWIN middleware are lost, not sent in the response (details are at https://github.com/aspnet/AspNetKatana/wiki/System.Web-response-cookie-integration-issues). One of the symptoms is that immediately after a successful callback processing there's no session created, and the user still looks unauthenticated.
One of the suggested workarounds is to use the `SystemWebCookieManager`, which is already used for the OIDC middleware (together with the `SameSiteCookieManager`), but it's not configured for the Cookie Authentication middleware.
We'll need to add it here:
```csharp
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
    LoginPath = new PathString("/Account/Login"),
    CookieSameSite = SameSiteMode.Lax,
    // specify the cookie manager
    CookieManager = new SameSiteCookieManager(new SystemWebCookieManager()),
});
```
Hello,
I created a new application and followed the required steps as per "I want to explore a sample app". But when I run it, I get the following error:
"OpenIdConnectMessage.Error was not null, indicating an error. Error: 'access_denied'. Error_Description (may be empty): 'Service not found: YOUR_API_IDENTIFIER'. Error_Uri (may be empty): 'error_uri is null'."
Also, tried hosting in Local IIS with HTTPS. But still no luck.
I'm a bit confused...
Where in the code is the Callback URL?
I don't see any code that answers the POST to http://localhost:3000/callback
Samples have standard asp.net readme instead of auth0 readme with instructions on how to run and configure sample. (AUTH-3753)
Samples using outdated dependencies from package.json (for example Auth0-ASPNET-Owin). Also auth0 lock version is outdated. (AUTH-3752)
See ticket here:
https://support.auth0.com/tickets/48726
See pull request here:
#16
Hi there,
We've got a development team using the .NET OWIN quick start sample code from the auth0 samples github repository. Out of the box, they were having a problem with the sample code due to what looks like a TLS 1.2 secured endpoint that didn't allow downgrade. This was showing as the yellow screen of death.
Problem resolved with:
```csharp
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
```
Would it be possible to update the sample code in the auth0 repo?
Kind Regards,
Darrell
I have downloaded the quick start projects and ran Quickstart/03-Authorization.
I have updated the config to contain the following properties from my dashboard on my Auth0 account:
auth0:Domain
auth0:ClientId
auth0:ClientSecret
There is an override root URL setting that is pointing to the wrong port, which I have disabled so that it points to port 3000, as per the config settings.
I have updated the return URL etc. in my Auth0 dashboard.
I can log in and out of the project fine, but if I try and hit the admin page I get caught in a constant redirect as it's looking for a role property that isn't returned in the claims. I have added roles to the user ID and access tokens, as per https://auth0.com/docs/customize/actions/flows-and-triggers/login-flow#add-user-roles-to-id-and-access-tokens but these don't come back in the claims.
I can get the roles if I use the bearer token mechanism like this:
```csharp
// Get user info from token
var user = await client.GetUserInfoAsync(result.AccessToken);

// Create claims principal
var claimsIdentity = new ClaimsIdentity(new[]
{
    new Claim(ClaimTypes.NameIdentifier, user.UserId, "http://www.w3.org/2001/XMLSchema#string", $"https://{auth0Domain}/"),
    new Claim(ClaimTypes.Name, user.FullName ?? user.Email, "http://www.w3.org/2001/XMLSchema#string",
        $"https://{auth0Domain}/")
}, CookieAuthenticationDefaults.AuthenticationType);

foreach (var userAdditionalClaim in user.AdditionalClaims.Values.First().Children())
{
    claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, userAdditionalClaim.ToString()));
}

// Sign user into cookie middleware
AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = false }, claimsIdentity);
```
Should the roles come back in this project example?
(AUTH-4206)
Samples don't provide audience parameter in authentication call
I'm following this sample and receiving an error in the AccountController when executing `client.GetTokenAsync()`. An error of "Cannot read property 'type' of undefined" which appears to be thrown by the `Auth0.Core` dll.
The StackTrace is:
```
at Auth0.Core.Http.ApiConnection.d__15.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Auth0.Core.Http.ApiConnection.d__19`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Auth0.Core.Http.ApiConnection.<PostAsync>d__17`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Auth0Owin.Controllers.AccountController.d__3.MoveNext() in C:\Source\Auth0Owin\Auth0Owin\Controllers\AccountController.cs:line 46
```
Any assistance would be appreciated.
In project 01-login, file README.md missing instructions that indicate how to run the project.
1- The description of the example is missing and what it allows.
2- Missing the Requirements section
3- Missing the steps to run this project
This should contain the following sections:
Login
This example shows how to add **Login / SignUp** to your application using the hosted version of the Lock widget.
You can read a quickstart for this sample here (https://auth0.com/docs/quickstart/webapp/aspnet-core/01-login).
Requirements
* .NET Core 2.0 SDK (https://www.microsoft.com/net/download/core)
To run this project
Ensure that you have replaced the appsettings.json (SampleMvcApp/appsettings.json) file with the values for your Auth0 account.
Run the application from the command line:
```bash
dotnet run
```
Go to http://localhost:5000 in your web browser to view the website.
Environment Information
Issue
In the ASP.NET (OWIN) Quickstart, when the user tries to log in with a valid account or sign up with a new one, a signature validation error shows up and the user is not able to finish the login process.
(AUTH-3987)
Samples using outdated version of Auth0-ASPNET-Owin, Newtonsoft.Json and other dependencies.
The example project is based on having an ASP.NET 5 or ASP.NET CORE application. Do you have support for ASP.NET 4 application or a specific process that should be followed?
Community issue ref:
https://community.auth0.com/t/asp-net-4-6-2-configuration-setup/36716/3
This section of the "Getting Started" (https://auth0.com/docs/quickstart/webapp/aspnet-owin/01-login?download=true#obtain-an-access-token-for-calling-an-api) does not have a full example I could find in this repo.
In my own project, everything works great until I add the
```csharp
ResponseType = OpenIdConnectResponseType.Code,
RedeemCode = true
```
options. Then the Account/Login route works great but I get into an infinite loop on the /Account/Claims route as it tries to log in over and over.
I have verified I have the audience, domain, client id and secret populating correctly and I can see that the login event is completing successfully.
The `SecurityTokenValidated` event executes as expected and contains both an accessToken and idToken, which I am setting to claims as in the code snippet.
Please include a full example of obtaining the access token so I can compare to see what is going wrong in my local application.
I’m currently using the quickstart RedirectToIdentityProvider procedure for an OWIN regular web application.
I’ve also added to Allowed Logout URLs the appropriate URL that comes after ReturnTo in my test application. The problem is that this URL (generated by notification.ProtocolMessage.PostLogoutRedirectUri) has a stack of two protocols (“https://https/://”), so when I log out, I get a DNS_PROBE_FINISHED_NXDOMAIN where it claims that the typing of the protocol is probably wrong (because of the stack). I’ve tried to brute force the same address with only one protocol (and change it in Allowed Logout URLs), but it also results in an error. I’d really appreciate any help to get my logout redirecting back to identity correctly!
There seem to be duplicated lines in /Quickstart/01-Login/MvcApplication/MvcApplication/Startup.cs.
Lines 40 and 66 seem redundant and/or misplaced.
As explained in https://github.com/auth0/auth0-aspnet-owin#katana-issue-with-cookies, the OWIN middleware sometimes fails to set the session cookie (or rather, it loses it). The aforementioned package fixes the problem; we should put it in the samples and seeds.
The quickstart doc should be updated as well to include a mention to it.
I am trying to run the application. I have created a new client on the auth0 dashboard and added the callback URL http://localhost:56572/signin-auth0 to the client.
When I try to log in with my username and password for auth0, I get an error saying something went wrong.
What credentials do I need to enter to log in?