Reputation: 869
I am working on an API that needs to secure certain endpoints for users with correct permissions. I am using IdentityServer3 and following this pluralsight course: https://app.pluralsight.com/library/courses/oauth-secure-asp-dot-net-api/table-of-contents
I've gone through the steps of creating a self-signed certificate and loading that as my signing certificate. I have both my API and my Auth server in the same .NET project.
In the startup.cs file, if I use this code to configure how an incoming token is accepted, the application works fine and I can access an endpoint with the [Authorize] attribute:
// Namespaces assumed for the types used below (Katana JWT middleware era of IdentityServer3).
using System;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Owin.Security.Jwt;
using Owin;

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        // Host IdentityServer in this same application.
        app.UseIdentityServer(CreateIdentityServerOptions());

        // Public part of the signing certificate (placeholder string from the question).
        var cert = new X509Certificate2(
            Convert.FromBase64String("My Certificate Public Key")
        );

        // Validate incoming bearer tokens locally against the known signing key,
        // so no discovery document has to be fetched at startup.
        app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
        {
            AllowedAudiences = new[] { "http://localhost/MyProject/resources" },
            TokenValidationParameters = new TokenValidationParameters
            {
                ValidAudience = "http://localhost/MyProject/resources",
                ValidIssuer = "http://localhost/MyProject",
                IssuerSigningKey = new X509SecurityKey(cert)
            }
        });
    }

    // Other code, such as CreateIdentityServerOptions(), goes here.
}
Thus I can hit a breakpoint inside this endpoint:
[HttpGet]
[Authorize]
public IHttpActionResult GetUser()
{
    var claimsPrincipal = User as ClaimsPrincipal;
    var userName = claimsPrincipal.FindFirst("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier").Value;
    var userId = GetUserId(userName);
    return Ok();
}
But if I keep following the course and get to the part where it uses IdentityServer3.AccessTokenValidation to simplify the code like this:
public void Configuration(IAppBuilder app)
{
    app.UseIdentityServer(CreateIdentityServerOptions());

    // Let the middleware discover the issuer and signing keys from the authority.
    app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions()
    {
        Authority = "http://localhost/MyProject"
    });
}
After this change, when I launch the application, I get a popup in Visual Studio that says "Contacting the web server to start debugging" that hangs for a couple of minutes, then gives up and exits. The application does not launch.
I suspect that this is because I have the logic for both the Auth provider and Auth consumer in the same project, thus it is essentially waiting for the project to start to grab the public key... so it can start. But I want to make sure I understand the issue before I choose how to move forward.
Upvotes: 0
Views: 793
Reputation: 18482
If IdentityServer and the token consumer are hosted in the same application there can be a race condition when fetching the discovery document.
For these situations set the DelayLoadMetadata property on the access token validation middleware to true.
Upvotes: 3
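The corrected Startup for the co-hosted case described above, as an added example that is not code from the answerer or from the IdentityServer3 project; the only assumed value is the authority URL reused from the question.

```csharp
using IdentityServer3.AccessTokenValidation;
using Owin;

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        // The token issuer is hosted in this same process, so the discovery
        // document (/.well-known/openid-configuration) is only served once
        // this pipeline has finished building.
        app.UseIdentityServer(CreateIdentityServerOptions());

        app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
        {
            Authority = "http://localhost/MyProject",

            // Default (false): the middleware fetches the discovery document and
            // signing keys while the app is still starting, which in a co-hosted
            // setup blocks on an endpoint that cannot answer yet and the host hangs.
            // true: metadata is fetched lazily on the first request that carries a
            // bearer token, after the host is listening. Tokens are still validated
            // against the issuer's published keys; nothing is skipped.
            DelayLoadMetadata = true
        });
    }

    // CreateIdentityServerOptions() and the rest of the question's code go here.
}
```

A request without a bearer token still reaches [Authorize] endpoints as 401, so the lazy load only affects the first authenticated call after startup.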