IOException: IDX20807: Unable to retrieve document from: 'System.String'. HttpResponseMessage:

Question

I'm using Asp.Net Core 3.1 and thru Challenge method, calling an external endpoint to authenticate

public async Task<IActionResult> Challenge(string provider, string returnUrl,string userName)
        {
           
                var props = new AuthenticationProperties
                {
                    RedirectUri = Url.Action(nameof(Callback)),
                    Items =
                    {
                        { "returnUrl", returnUrl },
                        { "scheme", provider },
                    },
                    Parameters =
                    {
                        { OidcConstants.AuthorizeRequest.LoginHint, userName }
                    }
                };

                var result = Challenge(props, provider);
                return result;
            }

Error:

An unhandled exception occurred while processing the request.
IOException: IDX20807: Unable to retrieve document from: 'System.String'. HttpResponseMessage: 'System.Net.Http.HttpResponseMessage', HttpResponseMessage.Content: 'System.String'.
Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)

InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'.
Microsoft.IdentityModel.Protocols.ConfigurationManager<T>.GetConfigurationAsync(CancellationToken cancel)

Appreciate, any quick response.

Answer 1

Got this exception when I created a new .NET 5 project in Visual Studio 2019.

IOException: IDX20807: Unable to retrieve document from: 'System.String'. HttpResponseMessage: 'System.Net.Http.HttpResponseMessage', HttpResponseMessage.Content: 'System.String'. Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel) Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(string address, IDocumentRetriever retriever, CancellationToken cancel) Microsoft.IdentityModel.Protocols.ConfigurationManager.GetConfigurationAsync(CancellationToken cancel)

Before starting the app I got this error:

Required components - dotnet msidentity tool

You can fix this in Connected Services - Service dependencies and set up Microsoft identity platform by pressing Configure.

For me it got stuck like this and nothing happened though:

In appsettings.json I then found the following code:

/*
The following identity settings need to be configured
before the project can be successfully executed.
For more info see https://aka.ms/dotnet-template-ms-identity-platform 
*/

Visited https://aka.ms/dotnet-template-ms-identity-platform and used the tool msidentity-app-sync instead. Started of by installing it and then verifying I had the tool installed.

dotnet tool install -g msidentity-app-sync
dotnet tool list -g

Then ran msidentity-app-sync in the projects folder. A new App registrations will be created in Azure Active Directory and the project now works.

You can also specify tenant and client yourself if you wish to use an existing app like this:

msidentity-app-sync --tenant-id <tenant-id> --username <username> --client-id <client-id>

Answer 2

Not sure how much this relates but someone may find it useful for dealing with this exception.

I am using Asp.Net Core 3.1, trying to implement JWT authentication. After setting Authority I began receiving similar error.

Fix of the issue was setting 'ValidIssuer' parameter, instead of setting Authority.

Answer 3

Confirmed also with Dusan's answer. From https://devblogs.microsoft.com/dotnet/jwt-validation-and-authorization-in-asp-net-core/

Authority is the address of the token-issuing authentication server. The JWT bearer authentication middleware will use this URI to find and retrieve the public key that can be used to validate the token’s signature. It will also confirm that the iss parameter in the token matches this URI.

I am not using a public token-issuing auth server.