
React SPA / Embedded Identity Server issue after .net core 3 preview 8 upgrade

We have a React SPA which was initially created using the SPA templates and running on .NET Core 3 preview 7. The React SPA "The client" was configured for implicit flow and successfully using the oidc-client. All working.

Here is the client config in my startup.cs:

        var mySPAClient = new IdentityServer4.Models.Client()
        {
            AccessTokenLifetime = accessTokenLifetime,
            RedirectUris =
                {
                    $"{host}/authentication/login-callback",
                    $"{host}/silent-refresh.html"
                },
            PostLogoutRedirectUris =
                {
                    $"{host}/authentication/logout-callback"
                },
            ClientId = "projectName.web",
            AllowedScopes =
                {
                    "projectName.webAPI",
                    "openid",
                    "profile"
                },
            ClientName = "projectName.web",
            RequireConsent = false,
            AllowedGrantTypes =
                {
                    IdentityModel.OidcConstants.GrantTypes.Implicit
                },
            AllowAccessTokensViaBrowser = true,
        };

But now, when I upgrade to preview 8 for any assembly that was preview 7, I am getting the following error in the logs:

        [10:55:34 Error] Invalid grant type for client: "authorization_code" AuthorizeRequestValidationLog { ClientId: "projectName.web", ClientName: "projectName.web", RedirectUri: "https://localhost:44343/authentication/login-callback", AllowedRedirectUris: ["https://localhost:44343/authentication/login-callback", "https://localhost:44343/silent-refresh.html"], SubjectId: "anonymous", ResponseType: "code", ResponseMode: "query", GrantType: "authorization_code", RequestedScopes: "", State: "a1e84334a8c94b7db599ddb9336447c8", UiLocales: null, Nonce: null, AuthenticationContextReferenceClasses: null, DisplayMode: null, PromptMode: null, MaxAge: null, LoginHint: null, SessionId: null, Raw: [("client_id": "projectName.web"), ("redirect_uri": "https://localhost:44343/authentication/login-callback"), ("response_type": "code"), ("scope": "projectName.webAPI openid profile"), ("state": "a1e84334a8c94b7db599ddb9336447c8"), ("code_challenge": "E8p1sg1Y0TdbhxccGB-_fbx7D6GnJXfCpcYu1IHZC_k"), ("code_challenge_method": "S256"), ("prompt": "none")] } (IdentityServer4.Validation.AuthorizeRequestValidator)
        [10:55:34 Error] Request validation failed (IdentityServer4.Endpoints.AuthorizeEndpoint)

I don't know why it now is referring to authorization_code and this error is appearing?

Cheers for any assistance

Andrew Duffy asked Sep 03 '19 01:09


1 Answer

Change the response_type to "token" rather than "code" and you should be OK.

Update:

Make sure you provide the correct authority, client_id, response_type and scope settings.

Tony Ngo answered Oct 19 '22 18:10
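Why the log names authorization_code for a client registered only for implicit flow, as an added example (not code from the post or from IdentityServer4): the grant type is derived from the request's response_type and then compared with the client's allowed grant types. The mapping table and the helper names `grantTypeFor`, `checkGrant` and `allowedResponseTypes` are this example's own, and it models only the grant-type step of request validation.

```javascript
// Added example: names and the mapping table are this example's own, not IdentityServer4 code.
// Key: response_type as a sorted, space-separated set. Value: grant type the client must allow.
const RESPONSE_TYPE_TO_GRANT = new Map([
  ["code", "authorization_code"],
  ["token", "implicit"],
  ["id_token", "implicit"],
  ["id_token token", "implicit"],
  ["code id_token", "hybrid"],
  ["code token", "hybrid"],
  ["code id_token token", "hybrid"],
]);

// Grant types registered for the client in the question's startup.cs.
const client = { clientId: "projectName.web", allowedGrantTypes: ["implicit"] };

function grantTypeFor(responseType) {
  // Order inside response_type is not significant, so sort before the lookup.
  const key = (responseType || "").split(/\s+/).filter(Boolean).sort().join(" ");
  return RESPONSE_TYPE_TO_GRANT.get(key) || null;
}

// Models only the grant-type step of authorize-request validation.
function checkGrant(client, query) {
  const responseType = new URLSearchParams(query).get("response_type");
  const grant = grantTypeFor(responseType);
  if (!grant) return { grant, allowed: false, error: `Unsupported response_type: "${responseType}"` };
  if (!client.allowedGrantTypes.includes(grant))
    return { grant, allowed: false, error: `Invalid grant type for client: "${grant}"` };
  return { grant, allowed: true, error: null };
}

// response_type values this client may send without tripping the grant-type check.
function allowedResponseTypes(client) {
  return [...RESPONSE_TYPE_TO_GRANT]
    .filter(([, grant]) => client.allowedGrantTypes.includes(grant))
    .map(([responseType]) => responseType);
}

// Query string constructed from the "Raw" parameters in the logged request.
const loggedQuery =
  "client_id=projectName.web" +
  "&redirect_uri=https%3A%2F%2Flocalhost%3A44343%2Fauthentication%2Flogin-callback" +
  "&response_type=code&scope=projectName.webAPI%20openid%20profile&prompt=none";

console.log(checkGrant(client, loggedQuery));
console.log(allowedResponseTypes(client));
```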