Error from RemoteAuthentication: Message contains error: 'redirect_uri_mismatch', error_description: 'AADB2C90006: The redirect URI 'http://b2.95e4700435c54427a457.northeurope.aksapp.io/signin-oidc' provided in the request is not registered for the client id 'eb201049-e7b1-4227-9a7c-5bb259261d37'. Correlation ID: 8f75359e-009f-44e3-b537-3f85f58cdd9c

Question

Error from RemoteAuthentication: Message contains error: 'redirect_uri_mismatch', error_description: 'AADB2C90006: The redirect URI 'http://b2.95e4700435c54427a457.northeurope.aksapp.io/signin-oidc' provided in the request is not registered for the client id 'eb201049-e7b1-4227-9a7c-5bb259261d37'. Correlation ID: 8f75359e-009f-44e3-b537-3f85f58cdd9c

digeler opened this issue 6 years ago · 6 comments

Trying to run b2c app .net core 2.1 ,followed the guide.
but am keep getting the this error : Error from RemoteAuthentication: Message contains error: 'redirect_uri_mismatch', error_description: 'AADB2C90006: The redirect URI 'http://b2.95e4700435c54427a457.northeurope.aksapp.io/signin-oidc' provided in the request is not registered for the client id 'eb201049-e7b1-4227-9a7c-5bb259261d37'.
Correlation ID: 8f75359e-009f-44e3-b537-3f85f58cdd9c

seems like we are redirecting to http instead of https.

my reply url in AAD is : https://b2.95e4700435c54427a457.northeurope.aksapp.io/signin-oidc and not http

full debug log :

fail: Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler[12]
Message contains error: 'redirect_uri_mismatch', error_description: 'AADB2C90006: The redirect URI 'http://b2.95e4700435c54427a457.northeurope.aksapp.io/signin-oidc' provided in the request is not registered for the client id 'eb201049-e7b1-4227-9a7c-5bb259261d37'.
Correlation ID: 8f75359e-009f-44e3-b537-3f85f58cdd9c
Timestamp: 2019-01-01 12:23:03Z
', error_uri: 'error_uri is null'.
info: Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler[4]
Error from RemoteAuthentication: Message contains error: 'redirect_uri_mismatch', error_description: 'AADB2C90006: The redirect URI 'http://b2.95e4700435c54427a457.northeurope.aksapp.io/signin-oidc' provided in the request is not registered for the client id 'eb201049-e7b1-4227-9a7c-5bb259261d37'.
Correlation ID: 8f75359e-009f-44e3-b537-3f85f58cdd9c
Timestamp: 2019-01-01 12:23:03Z
', error_uri: 'error_uri is null'..
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 0.7341ms 302
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://b2.95e4700435c54427a457.northeurope.aksapp.io/AzureADB2C/Account/Error
info: Microsoft.AspNetCore.Mvc.RazorPages.Internal.PageActionInvoker[3]
Route matched with {page = "/Account/Error", area = "AzureADB2C", action = "", controller = ""}. Executing page /Account/Error
info: Microsoft.AspNetCore.Mvc.RazorPages.Internal.PageActionInvoker[101]
Executing handler method Microsoft.AspNetCore.Authentication.AzureADB2C.UI.Internal.ErrorModel.OnGet with arguments ((null)) - ModelState is Valid
info: Microsoft.AspNetCore.Mvc.RazorPages.Internal.PageActionInvoker[102]
Executed handler method OnGet, returned result .
info: Microsoft.AspNetCore.Mvc.RazorPages.Internal.PageActionInvoker[103]
Executing an implicit handler method - ModelState is Valid
info: Microsoft.AspNetCore.Mvc.RazorPages.Internal.PageActionInvoker[104]
Executed an implicit handler method, returned result Microsoft.AspNetCore.Mvc.RazorPages.PageResult.
info: Microsoft.AspNetCore.Mvc.RazorPages.Internal.PageActionInvoker[4]
Executed page /Account/Error in 0.737ms
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 0.9807ms 200 text/html; charset=utf-8
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://b2.95e4700435c54427a457.northeurope.aksapp.io/lib/bootstrap/dist/css/bootstrap.css
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://b2.95e4700435c54427a457.northeurope.aksapp.io/lib/jquery/dist/jquery.js
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://b2.95e4700435c54427a457.northeurope.aksapp.io/css/site.css
info: Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware[2]
Sending file. Request path: '/css/site.css'. Physical path: '/app/wwwroot/css/site.css'
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 0.2196ms 200 text/css
info: Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware[2]
Sending file. Request path: '/lib/bootstrap/dist/css/bootstrap.css'. Physical path: '/app/wwwroot/lib/bootstrap/dist/css/bootstrap.css'
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 3.5544ms 200 text/css
info: Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware[2]
Sending file. Request path: '/lib/jquery/dist/jquery.js'. Physical path: '/app/wwwroot/lib/jquery/dist/jquery.js'
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 5.816ms 200 application/javascript
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://b2.95e4700435c54427a457.northeurope.aksapp.io/lib/bootstrap/dist/js/bootstrap.js
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://b2.95e4700435c54427a457.northeurope.aksapp.io/js/site.js?v=dLGP40S79Xnx6GqUthRF6NWvjvhQ1nOvdVSwaNcgG18
info: Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware[2]
Sending file. Request path: '/js/site.js'. Physical path: '/app/wwwroot/js/site.js'
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 0.2069ms 200 application/javascript
info: Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware[2]
Sending file. Request path: '/lib/bootstrap/dist/js/bootstrap.js'. Physical path: '/app/wwwroot/lib/bootstrap/dist/js/bootstrap.js'
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 1.8534ms 200 application/javascript

help appriciated

Answer 1 · 2019-01-27T04:02:38.000Z

I'm getting this same error in ASP.NET Core 2.2 when deploying into App Engine.

Answer 2 · 2019-01-27T20:06:03.000Z

I found a fix for this and will be issuing a pull request. If for some reason the PR is declined, add this to the top of OnRedirectToIdentityProvider in OpenIdConnectOptionsSetup:

if (context.ProtocolMessage.RedirectUri.Contains("http:"))
{                    
    context.ProtocolMessage.RedirectUri = context.ProtocolMessage.RedirectUri.Replace("http:", "https:");
}

Answer 3 · 2019-02-27T08:25:11.000Z

@elvogel Your solution worked for us. Thanks

Answer 4 · 2019-07-15T11:31:04.000Z

Works locally, but unfortunately this does not work for me when I publish to production. I'm still getting the issue where the redirect URL is using http under the hood instead of https and hence doesn't match my https app redirect configuration.

Even if I hard code the string in the OnRedirectToIdentityProvider delegate it doesn't appear to be taking it into account.

Ideas? This seems to be a prevalent and very annoying black box type bug. Still no reply from the MS team.

Answer 5 · 2019-07-15T14:15:39.000Z

In the months since I posted this, the libraries have upgraded and this has become a moot point, as the current libraries have greatly simplified a good deal of this plumbing.

That being said - can you confirm that you're hitting this OnRedirectToIdentityProvider event?

Answer 6 · 2020-05-11T11:29:39.000Z

Closing this issue as this sample is being archived and replaced by a newer ASP.NET Core 3.1 sample.
See Readme.md