Issue with client login after IdentityServer upgrade from 6 to 7
Closed this issue · 5 comments
Which version of Duende IdentityServer are you using?
7.0.1
Which version of .NET are you using?
8.0
Describe the bug
After upgradation to .NET 8.0 and Duende IdentityServer to 7.0.1, facing this issue when running the Admin application and during API request in the Swagger. The issue in Admin is when signin-oidc request is executed. In swagger the error is invalid signature for token. All steps mentioned in the upgradation documentation were followed. The application was working fine till version 6.3.8 of Duende IdentityServer. Issue faced from version 7.0. Corresponding package upgrade for .NET 8.0 has also been made.
To Reproduce
Upgradation from 6.0.x to 7.0.x of Skoruba Duende IdentityServer Admin
Expected behavior
Proper login for Admin application to dashboard and proper API calls in swagger.
Log output/exception with stacktrace
2024-04-16 14:32:10.314 +05:30 [ERR] Exception occurred while processing message.
System.InvalidOperationException: An invalid request URI was provided. Either the request URI must be an absolute URI or BaseAddress must be set.
at System.Net.Http.HttpClient.PrepareRequestMessage(HttpRequestMessage request)
at System.Net.Http.HttpClient.SendAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
2024-04-16 14:32:10.377 +05:30 [ERR] An unhandled exception has occurred while executing the request.
Microsoft.AspNetCore.Authentication.AuthenticationFailureException: An error was encountered while handling the remote login.
---> System.InvalidOperationException: An invalid request URI was provided. Either the request URI must be an absolute URI or BaseAddress must be set.
at System.Net.Http.HttpClient.PrepareRequestMessage(HttpRequestMessage request)
at System.Net.Http.HttpClient.SendAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.CspMiddleware.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)
For Swagger:
Error: response status is 401
Response headers date: Wed,17 Apr 2024 04:54:21 GMT
server: Microsoft-IIS/10.0
www-authenticate: Bearer error="invalid_token",error_description="The signature key was not found"
x-powered-by: ASP.NET x-sourcefiles: =?UTF-8?B?RDpcSURBZG1pbkNvbW1lcmNpYWxcc3JjXEdvcmRpYW5JRC5BZG1pbi5BcGlcYXBpXENsaWVudHM=?=
This is most likely a version mismatch issue with the System.IdentityModel.* packages which contain the logic around token handling. The Microsoft.IdentityModel.* libraries used by Duende IdentityServer all have to be of exactly the same version. If they are not it can cause unexpected issues reading configuration data and tokens.
Please see our guide to solve this here.
@venkiteshsa Did this solve it for you? If so I want to close this issue. If not please give us an update.
Hi, yes this seems to be the problem. The version of some transitive packages are not the latest or the compatible version. You can close this issue for now. Thanks for the help.
@venkiteshsa which one? I have same problem.
@senzacionale Please see https://docs.duendesoftware.com/mim for guidance on transitive package versions.