X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

Identity server 4 external login not working in Firefox but working in Chrome

  • Akukho zimpendulo
  • 1 inale nkinga
  • 15 imibono
Kuphostiwe

I have implemented an authentication server with Identity server 4 in ASP.NET core 3.1. Here I have used Azure AD and Google as external login provider. These external login providers working fine in chrome browser but not working in Firefox.

Authentication code,

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)

   .AddMicrosoftAccount(option =>
   {
       option.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
       option.ClientId = "Client id";
       option.ClientSecret = "Client secret";
       option.AuthorizationEndpoint = "AuthorizationEndpoint";
       option.TokenEndpoint = "TokenEndpoint";
       option.SaveTokens = true;
       option.StateDataFormat = new DistributedCacheStateDataFormatter(contextAccessor, "Microsoft");      
   })
   .AddGoogle(option =>
   {
       option.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
       option.ClientId = "Client id";
       option.ClientSecret = "Client secret";
       option.SaveTokens = true;
   })
   .AddCookie(options =>
   {
       options.SlidingExpiration = true;
       options.ExpireTimeSpan = new TimeSpan(7, 0, 0, 0);
       options.Cookie.SameSite = SameSiteMode.Lax;
       options.Cookie.HttpOnly = true;
    });

When using chrome browser external login working fine and authentication properly. When using firefox browser got the below exception from Azure AD,

System.Exception: An error was encountered while handling the remote login.

---> System.Exception: OAuth token endpoint failure: Status: BadRequest;Headers: Cache-Control: no-cache, no-store

Pragma: no-cache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff x-ms-request-id: 33040f25-8122-455c-b96a-f2cfd23acb00 x-ms-ests-server: 2.1.9926.12 - EST ProdSlices P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Set-Cookie: fpc=Atvp3Rwgaz5EtF1RBA6_Ip4XiiowBQAAAA7uwdUOAAAARMZjlAIAAAAO78HVDgAAAA; expires=Thu, 27-Feb-2020 08:59:59 GMT; path=/; secure; HttpOnly; SameSite=None, x-ms-gateway-slice=prod; path=/; SameSite=None; secure; HttpOnly, stsservicecookie=ests; path=/; secure; HttpOnly; SameSite=None Date: Tue, 28 Jan 2020 08:59:59 GMT

Body: {"error":"invalid_grant","error_description":"AADSTS54005: OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token.\r\nTrace ID: 33040f25-8122-455c-b96a-f2cfd23acb00\r\nCorrelation ID: afb9b3fc-fb80-4796-b1e4-af31ec0261b1\r\nTimestamp: 2020-01-28 08:59:59Z","error_codes":[54005],"timestamp":"2020-01-28 08:59:59Z","trace_id":"33040f25-8122-455c-b96a-f2cfd23acb00","correlation_id":"afb9b3fc-fb80-4796-b1e4-af31ec0261b1"};

Network log,

Attached as image.

Note : Authentication working fine in localhost for both Firefox and Chrome. After published only, Firefox not working.

I have implemented an authentication server with Identity server 4 in ASP.NET core 3.1. Here I have used Azure AD and Google as external login provider. These external login providers working fine in chrome browser but not working in Firefox. Authentication code, services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddMicrosoftAccount(option => { option.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme; option.ClientId = "Client id"; option.ClientSecret = "Client secret"; option.AuthorizationEndpoint = "AuthorizationEndpoint"; option.TokenEndpoint = "TokenEndpoint"; option.SaveTokens = true; option.StateDataFormat = new DistributedCacheStateDataFormatter(contextAccessor, "Microsoft"); }) .AddGoogle(option => { option.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme; option.ClientId = "Client id"; option.ClientSecret = "Client secret"; option.SaveTokens = true; }) .AddCookie(options => { options.SlidingExpiration = true; options.ExpireTimeSpan = new TimeSpan(7, 0, 0, 0); options.Cookie.SameSite = SameSiteMode.Lax; options.Cookie.HttpOnly = true; }); When using chrome browser external login working fine and authentication properly. When using firefox browser got the below exception from Azure AD, System.Exception: An error was encountered while handling the remote login. ---> System.Exception: OAuth token endpoint failure: Status: BadRequest;Headers: Cache-Control: no-cache, no-store Pragma: no-cache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff x-ms-request-id: 33040f25-8122-455c-b96a-f2cfd23acb00 x-ms-ests-server: 2.1.9926.12 - EST ProdSlices P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Set-Cookie: fpc=Atvp3Rwgaz5EtF1RBA6_Ip4XiiowBQAAAA7uwdUOAAAARMZjlAIAAAAO78HVDgAAAA; expires=Thu, 27-Feb-2020 08:59:59 GMT; path=/; secure; HttpOnly; SameSite=None, x-ms-gateway-slice=prod; path=/; SameSite=None; secure; HttpOnly, stsservicecookie=ests; path=/; secure; HttpOnly; SameSite=None Date: Tue, 28 Jan 2020 08:59:59 GMT ;Body: {"error":"invalid_grant","error_description":"AADSTS54005: OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token.\r\nTrace ID: 33040f25-8122-455c-b96a-f2cfd23acb00\r\nCorrelation ID: afb9b3fc-fb80-4796-b1e4-af31ec0261b1\r\nTimestamp: 2020-01-28 08:59:59Z","error_codes":[54005],"timestamp":"2020-01-28 08:59:59Z","trace_id":"33040f25-8122-455c-b96a-f2cfd23acb00","correlation_id":"afb9b3fc-fb80-4796-b1e4-af31ec0261b1"}; Network log, Attached as image. Note : Authentication working fine in localhost for both Firefox and Chrome. After published only, Firefox not working.
Ama-screenshot ananyekiwe
Isicaphuno

Eminye Imininingwane Yohlelo

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0

Eminye Imininingwane

Kufanele ulogele ukungena ku-akhawunti yakho ukuze uphendule amaphosti. Uyacelwauqale umbuzo omusha, uma ungekabi nayo i-akhawunti namanje.