I am having trouble with authentication. When I try to connect to identity server it throws an error. I can successfully login when I am on the identity server, but when I try to connect to the identity server from my web app it throws the error below.
Anyone able to look and see what I have done wrong?
Error: "No Authentication handler is configured to handle the scheme: oidc"
I am using the following code in my Website Startup.cs
// Empty the default inbound claim-type map so claim names from incoming JWTs
// are kept as issued instead of being rewritten to the long .NET claim-type URIs.
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(options =>
    {
        // The cookie handler holds the local sign-in session.
        options.DefaultScheme =
            CookieAuthenticationDefaults.AuthenticationScheme;
        // Challenges are sent to the scheme named by OpenIdConnectDefaults.AuthenticationScheme
        // ("OpenIdConnect"), which is not the "oidc" named in the error message.
        options.DefaultChallengeScheme =
            OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddCookie()
    // NOTE(review): no scheme name is passed, so this handler is registered under the
    // default name rather than "oidc". Anything elsewhere in the app that challenges or
    // authorizes against "oidc" will find no handler — which matches the quoted error.
    .AddOpenIdConnect(options =>
    {
        // After the OIDC round trip, the resulting identity is written to the cookie scheme.
        options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.Authority = "http://localhost:5000"; // IdentityServer base URL; plain HTTP is only acceptable on a local dev machine
        options.RequireHttpsMetadata = false; // development only: lets discovery metadata load over plain HTTP; leave at the default (true) elsewhere
        options.ClientId = "mvc"; // must match the ClientId registered on the IdentityServer side
        // NOTE(review): this sends the SHA-256 hash of the configured value as the client secret.
        // IdentityServer's shared-secret check hashes whatever the client sends and compares it
        // with the stored hash, so the client normally sends the plain value and only the server
        // registration calls Sha256() — confirm both sides are configured to match.
        // Hashing here adds no protection: the hash itself becomes the secret on the wire.
        options.ClientSecret = Configuration["Identity_Server:Client_Secret"].Sha256();
        options.ResponseType = "code id_token"; // hybrid flow: authorization code plus id_token
        options.Scope.Add("API1");
        options.GetClaimsFromUserInfoEndpoint = true;
        // Tokens are saved with the sign-in session, so the authentication cookie must be
        // treated as sensitive (it then carries the tokens as well as the identity).
        options.SaveTokens = true;
    });
services.AddMvc();
I am using the following in my Identity Startup.cs
// EF context for the user store; the connection string is read from the "MySQL" entry in configuration.
services.AddDbContext<DbContext>(options =>
    options.UseMySQL(Configuration.GetConnectionString("MySQL")));
// ASP.NET Identity users and roles persisted through the context registered above.
services.AddIdentity<ApplicationUser, IdentityRole>()
    .AddEntityFrameworkStores<DbContext>()
    .AddDefaultTokenProviders();
// Add application services.
services.AddTransient<IEmailSender, EmailSender>();
var config = new Config(Configuration);
services.AddIdentityServer()
    // Development only: the signing key is generated and kept in the file "tempkey.rsa".
    // A deployed server needs a managed signing credential, and this file must stay out of
    // source control — whoever holds it can sign tokens that this server's clients will trust.
    .AddDeveloperSigningCredential(filename: "tempkey.rsa")
    // Resources and clients come from the in-code Config object rather than a persistent store.
    .AddInMemoryIdentityResources(config.GetIdentityResources())
    .AddInMemoryApiResources(config.GetApiResources())
    .AddInMemoryClients(config.GetClients())
    // Use the ASP.NET Identity users registered above for IdentityServer logins.
    .AddAspNetIdentity<ApplicationUser>();
services.AddMvc();
I am using the following in my config file
// Static, so it is shared by every Config instance: constructing another Config
// replaces the configuration that all existing instances read from.
private static IConfiguration _config;

/// <summary>
/// Remembers the application configuration that the Get* methods read from.
/// </summary>
/// <param name="configuration">Application configuration; stored as-is, no validation.</param>
public Config(IConfiguration configuration) => _config = configuration;
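/// <summary>
/// Builds the list of clients registered with IdentityServer. It contains a single
/// hybrid-flow client, "mvc", whose shared secret is read from the "secret" configuration key.
/// </summary>
/// <returns>A list holding the "mvc" client definition.</returns>
/// <exception cref="System.InvalidOperationException">
/// The "secret" configuration value is missing or blank.
/// </exception>
public IEnumerable<Client> GetClients()
{
    // Fail fast when the secret is not configured, so the client is never registered
    // with a secret derived from a missing value.
    var sharedSecret = _config["secret"];
    if (string.IsNullOrWhiteSpace(sharedSecret))
    {
        throw new System.InvalidOperationException(
            "Configuration value 'secret' is missing; cannot register the 'mvc' client without a client secret.");
    }

    return new List<Client>
    {
        new Client
        {
            ClientId = "mvc",
            ClientName = "MVC Client",
            AllowedGrantTypes = GrantTypes.Hybrid,

            // No consent screen is shown for this client.
            RequireConsent = false,

            ClientSecrets =
            {
                // Only the hash is stored on the server side; the client application
                // is expected to present the plain value.
                new Secret(sharedSecret.Sha256())
            },

            // Exact callback URLs for the web app. Plain-HTTP localhost values are
            // development settings; deployed redirect URIs should be HTTPS.
            RedirectUris = { "http://localhost:5002/signin-oidc" },
            PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" },

            AllowedScopes =
            {
                IdentityServerConstants.StandardScopes.OpenId,
                IdentityServerConstants.StandardScopes.Profile,
                "API1"
            },

            // Permits refresh tokens for this client; leave it off if the web app
            // never requests offline access, to keep the grant surface minimal.
            AllowOfflineAccess = true
        }
    };
}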
/// <summary>
/// Lists the identity resources exposed by this server: OpenId and Profile.
/// </summary>
/// <returns>A list with the two identity resources, OpenId first.</returns>
public IEnumerable<IdentityResource> GetIdentityResources()
{
    var identityResources = new List<IdentityResource>();
    identityResources.Add(new IdentityResources.OpenId());
    identityResources.Add(new IdentityResources.Profile());
    return identityResources;
}
/// <summary>
/// Lists the API resources protected by this server; currently only "API1".
/// </summary>
/// <returns>A list containing the single "API1" resource.</returns>
public IEnumerable<ApiResource> GetApiResources()
{
    var apiResources = new List<ApiResource>();
    apiResources.Add(new ApiResource("API1", "Allow to Manage API1"));
    return apiResources;
}
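You need a scheme name, a challenge scheme and a handler that all agree. The error means something is challenging the scheme "oidc", but a parameterless AddOpenIdConnect() registers its handler under the default name (OpenIdConnectDefaults.AuthenticationScheme, i.e. "OpenIdConnect"), so no handler is found for "oidc". Define them explicitly like this: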
/// <summary>
/// Registers MVC plus cookie and OpenID Connect authentication, giving each handler an
/// explicit scheme name so the default challenge scheme resolves to a registered handler.
/// </summary>
/// <param name="services">The service collection to add the registrations to.</param>
public void ConfigureServices(IServiceCollection services)
{
    // Each handler is registered under the same name that the defaults below refer to.
    const string cookieScheme = "Cookies";
    const string oidcScheme = "oidc";

    services.AddMvc();

    // Keep incoming JWT claim names as issued rather than mapping them to .NET claim-type URIs.
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    var authentication = services.AddAuthentication(options =>
    {
        options.DefaultScheme = cookieScheme;
        options.DefaultChallengeScheme = oidcScheme;
    });

    authentication.AddCookie(cookieScheme);

    authentication.AddOpenIdConnect(oidcScheme, options =>
    {
        // The OIDC result is persisted by the cookie handler.
        options.SignInScheme = cookieScheme;

        // Local development values: plain-HTTP authority with the HTTPS metadata check disabled.
        // Outside development, use an HTTPS authority and leave RequireHttpsMetadata at its default.
        options.Authority = "http://localhost:5000";
        options.RequireHttpsMetadata = false;

        // No ClientSecret or ResponseType is set in this listing; a client registered for the
        // hybrid flow with a secret still needs those options in addition to the names above.
        options.ClientId = "mvc";
        options.SaveTokens = true;
    });
}
http://docs.identityserver.io/en/release/quickstarts/3_interactive_login.html