When upgrading from net 5.0 to net 6.0, cannot access/login into IdentityServer Admin, throws OpenIdConnectProtocolException - running inside docker with nginx as reverse proxy #1028

Open
martinussuherman opened this issue Jan 4, 2023 · 0 comments
Describe the bug

When using IdentityServer4.Admin with net 5.0, the Admin page can be accessed successfully, but after upgrading to net 6.0 the Admin page cannot be accessed anymore, and other clients also fail to authenticate.

To Reproduce

Deploy IdentityServer, IdentityServer Admin, and Nginx each to their own Docker image, configure Nginx as a reverse proxy with HTTPS, then log in to IdentityServer. After that, try to access IdentityServer Admin from the IdentityServer top right link; it will throw an exception.

Relevant parts of the log file

This is the relevant log from Skoruba.IdentityServer4.Admin:

[INF] Request starting HTTP/1.1 POST http://identity-server-admin.domain.com/signin-oidc application/x-www-form-urlencoded 590
[DBG] The request is insecure. Skipping HSTS header.
...
[ERR] Message contains error: 'invalid_request', error_description: 'error_description is null', error_uri: 'error_uri is null', status code '400'.
[ERR] Exception occurred while processing message. Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'invalid_request', error_description: 'error_description is null', error_uri: 'error_uri is null'. 
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest) 
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()

This is the relevant log from Skoruba.IdentityServer4.STS.Identity:

[INF] Request starting HTTP/1.1 GET http://identity-server.domain.com/connect/token - -
...
[WRN] Invalid HTTP request for token endpoint
...
[INF] Request finished HTTP/1.1 GET http://identity-server.domain.com/connect/token - - - 400 - application/json;+charset=UTF-8 19.3230ms

You might notice that all requests are not HTTPS but HTTP.
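
The two symptoms visible in the logs above (requests reaching the application as `http`, and a `GET` arriving at `/connect/token`, which OAuth 2.0 requires to be a `POST`) can be flagged automatically when triaging a deployment behind a reverse proxy. This is an added example, not part of the original issue or the project's code; the function name `triage`, the finding labels and the last sample line are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Matches "Request starting" lines in the format shown in the issue's logs.
REQUEST_START = re.compile(
    r"^\[INF\] Request starting (?P<proto>HTTP/[\d.]+) (?P<method>[A-Z]+) (?P<url>\S+)"
)

# Constructed sample modelled on the log excerpts in the issue.
# The final https POST line is invented here to show a request that passes.
SAMPLE_LOG = """\
[INF] Request starting HTTP/1.1 POST http://identity-server-admin.domain.com/signin-oidc application/x-www-form-urlencoded 590
[DBG] The request is insecure. Skipping HSTS header.
[INF] Request starting HTTP/1.1 GET http://identity-server.domain.com/connect/token - -
[WRN] Invalid HTTP request for token endpoint
[INF] Request starting HTTP/1.1 POST https://identity-server.domain.com/connect/token application/x-www-form-urlencoded 120
"""


def triage(log_text):
    """Return (line_number, finding, detail) tuples for suspicious requests."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        m = REQUEST_START.match(line)
        if not m:
            continue
        method = m["method"]
        url = urlsplit(m["url"])
        path = url.path.rstrip("/")

        # The application saw plain http: either TLS is missing, or the proxy
        # terminated TLS and the original scheme was not passed on or not honoured.
        if url.scheme != "https":
            findings.append((lineno, "insecure-scheme",
                             f"{method} {url.path} seen as {url.scheme}"))

        # RFC 6749 section 3.2: token requests must use POST. A GET here means
        # the request was altered before it reached the token endpoint.
        if path == "/connect/token" and method != "POST":
            findings.append((lineno, "token-endpoint-method",
                             f"{method} used on token endpoint"))
    return findings


if __name__ == "__main__":
    for lineno, finding, detail in triage(SAMPLE_LOG):
        print(f"line {lineno}: {finding}: {detail}")
```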
