Steven Thewissen

Reputation: 2981

IdentityServer handling timeouts and subsequent redirects

I've implemented IdentityServer3 in my application and it has been working really well. However, recently I came across some behaviour I can't quite figure out, so I was hoping someone could tell me what I'm either doing wrong or how I should be doing the following:

I have an ASP.NET MVC application that uses IdentityServer for authentication. The user authenticates and opens a specific page within the application. He moves away from his PC, comes back a little later and clicks another link within the application (e.g. controller/action/38). The application then redirects the user to:

http://localhost/MyIdentityServer/identity/connect/authorize?client_id=myapp&redirect_uri=http://localhost/MyApp/controller/action/38&response_mode=form_post&response_type=id_token&scope=openid+profile+roles etc.

Since only the root url of the app (http://localhost/MyApp) is registered as a RedirectUrl in IdentityServer it shows the following message:

The client application is not known or is not authorized.

Rightfully so, since the controller + action aren't valid RedirectUrls. However, I cannot imagine that I'd have to add all the controllers and actions to the RedirectUrl property, especially since they take data-related parameters. Surely I must be doing something wrong, but what?

Upvotes: 0

Views: 88

Answers (1)

John Korsnes

Reputation: 2275

You're modifying the redirect URI provided to idsrv on each request to idsrv:

Remove this line:

   notification.ProtocolMessage.RedirectUri = something

Upvotes: 1
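The configuration the answer points to, as an added example that is not code from the question or the answer: an OWIN `Startup` for the MVC client in which `RedirectUri` stays fixed at the one registered value and the notification no longer overwrites it. The authority URL is inferred from the authorize URL in the question, and the `"Cookies"` authentication type name is an assumption.

```csharp
using System.Threading.Tasks;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        // Local session cookie; the type name "Cookies" is an assumption.
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = "Cookies"
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            // Assumed from the authorize URL shown in the question.
            Authority = "http://localhost/MyIdentityServer/identity",
            ClientId = "myapp",

            // Must equal the single redirect URI registered for the client in
            // IdentityServer. The server compares it exactly, so it cannot
            // vary per controller, action or id.
            RedirectUri = "http://localhost/MyApp",

            ResponseType = "id_token",
            Scope = "openid profile roles",
            SignInAsAuthenticationType = "Cookies",

            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                RedirectToIdentityProvider = n =>
                {
                    // Before (the line the answer says to remove):
                    //   n.ProtocolMessage.RedirectUri = <current request URL>;
                    // Leave RedirectUri alone. The middleware already records
                    // the page the user asked for (e.g. controller/action/38)
                    // in the protected "state" parameter and sends the user
                    // back there after the id_token has been validated.
                    return Task.FromResult(0);
                }
            }
        });
    }
}
```

Keeping the registered redirect URI to one exact value also means the identity server never has to accept wildcard or per-page callback URLs for this client.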
