how to solve the loop in IdentityServer4 - connect/authorize/callback?client_id=?

Question

hello community I have a project created with asp.net core, blazor webassembly and Identity4, the local project works very well, I published it on an IIS server so that it could be seen from the internet, the project was loaded perfectly, the only detail is that when I enter the login it is loading, until I give it to empty cache and load in a forced way, I can enter the login form, then I enter my credentials and again it stays loading until I empty the cache again and enter the page that indicates I'm already logged in.

How can I enter the login form without emptying the cache and loading forcefully?

When I click the login button, it sends me to this route but it's wrong:

connect/authorize?client_id=BlazorApp.Client&redirect_uri=https%3A%2F%2

this is the route that is fine to take me:

Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id

this is my class startup:

 public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        public void ConfigureServices(IServiceCollection services)
        {         

            services.AddDbContext<SimulexContext>
                          (options => options.UseSqlServer(Configuration.GetConnectionString("SimulexConnection")));

           
            services.AddDefaultIdentity<ApplicationUser>(options => {
            options.SignIn.RequireConfirmedAccount = true;
            options.Password.RequireDigit = false;
            options.Password.RequireLowercase = false;
            options.Password.RequireUppercase = false;
            options.Password.RequireNonAlphanumeric = false;
            })
            .AddRoles<IdentityRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>();

            services.AddIdentityServer()
                .AddApiAuthorization<ApplicationUser, ApplicationDbContext>()
                .AddProfileService<IdentityProfileService>();

            services.AddAuthentication()
               .AddIdentityServerJwt();

            services.Configure<PayPalConfiguration>(Configuration.GetSection("PayPal"));
           

            services.AddControllersWithViews();
            services.AddRazorPages();

           
            services.AddAutoMapper(typeof(Startup));

            
            services.AddScoped<NotificacionesService>();

            
            services.AddScoped<IAlmacenadorDeArchivos, AlmacenadorArchivosLocal>();
            
            services.AddHttpContextAccessor();

            
            services.AddMvc().AddNewtonsoftJson(options =>
            options.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore);
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseWebAssemblyDebugging();
            }
            else
            {
                app.UseExceptionHandler("/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseBlazorFrameworkFiles();
            app.UseStaticFiles();

            app.UseRouting();            
            
            app.UseAuthentication();
            app.UseIdentityServer();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapGet("/api/config/notificacionesllavepublica", async context =>
                 {
                     var configuration = context.RequestServices.GetRequiredService<IConfiguration>();
                     var llavePublica = configuration.GetValue<string>("notificaciones:llave_publica");
                     await context.Response.WriteAsync(llavePublica);
                 });

                endpoints.MapRazorPages();
                endpoints.MapControllers();              
                endpoints.MapFallbackToFile("index.html");
            });
        }
    }

this is my page appsettingsjson:

"IdentityServer": {
    "Key": {
      "Type": "Development"
    },
    "Clients": {
      "BlazorApp.Client": {
        "Profile": "IdentityServerSPA"
      }
    }
  },

Answer 1

Can you share your startup for the blazor app?

I had the same issue a couple weeks ago but with an asp.net mvc app when integrating is4 with which had identity configured. So it could be same for you.

Enet's solution might work, but I have not tried it. Below is another solution which worked for me only if you have Identity configured in your Blazor app. Try setting the schemes in your services.AddAuthentication and AddOpenIdConnect:

services.AddAuthentication(options =>
{
    options.DefaultScheme = "Cookies";
    options.DefaultChallengeScheme = "Oidc";
    options.DefaultAuthenticateScheme = "Cookies"; // <-- add this line
})
    .AddCookie("Cookies", options =>
    {
    })
    .AddOpenIdConnect("oidc", options =>
    {
        options.SignInScheme = "Cookies"; // <-- add this line
    })
;