-1

I'm trying to use IdentityServer3, so I'm going over the official examples. I have created an authorization server which is very simple:

```csharp
namespace SimpleIdentityServer
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            var options = new IdentityServerOptions
            {
                Factory = new IdentityServerServiceFactory()
                                .UseInMemoryClients(Clients.Get())
                                .UseInMemoryScopes(Scopes.Get())
                                .UseInMemoryUsers(Users.Get()),
                RequireSsl = false
            };
            app.UseIdentityServer(options);
        }
    }
}
```

This is my in memory user:

```csharp
new Client
{
    ClientName = "MVC application",
    ClientId = "mvc",
    Enabled = true,
    AccessTokenType = AccessTokenType.Jwt,
    Flow = Flows.Implicit,
    ClientSecrets = new List<Secret>
    {
        new Secret("secret".Sha256())
    },
    AllowedScopes = new List<string>
    {
        "openId",
        "profile"
    },
    RedirectUris = new List<string>
    {
        "http://localhost:12261/"
    }
}
```

Now, I want to use the aforementioned server to authenticate the users of an MVC application, so I have done this:

```csharp
public void Configuration(IAppBuilder app)
{
    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = "Cookies"
    });
    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
    {
        Authority = "http://localhost:47945/",
        ClientId = "mvc",
        RedirectUri = "http://localhost:12261/",
        ResponseType = "id_token",
        SignInAsAuthenticationType = "Cookies"
    });
}
```

And this is a sample controller action annotated with the Authorize attribute:

```csharp
[Authorize]
public ActionResult About()
{
    ViewBag.Message = "Your application description page.";

    return View();
}
```

But when I go to home/about in my MVC application, it shows me a 401 error, and it seems (from the Serilog output) that it doesn't even call the authorization server.

Mohsen Kamrani
  • Are you getting any errors from the Identity Server? Assuming that your identity server is running as default and bound to /core/ the Authority in your client should be http://localhost:47945/core/. Also, you probably need to tell the client site to allow external cookies: app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); – Nick Bork Dec 15 '16 at 04:53
  • @NickBork Actually, I've implemented the Identity Server on a console application which is self-hosted: `WebApp.Start("http://localhost:47945")`. Anyway, I'm not getting any error. And, I've not added any mapping (in server's Startup config method). – Mohsen Kamrani Dec 15 '16 at 05:00
  • @NickBork `app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);` didn't change anything. – Mohsen Kamrani Dec 15 '16 at 05:06

1 Answer

3

What I think could happen is that your OWIN pipeline is not executed. Could you try putting a breakpoint in your Startup class, killing IIS or IIS Express (whichever you're using) and starting it again?

If this is the case, then the OIDC middleware doesn't catch the HTTP 401 response, and thus doesn't redirect you to your IdentityServer instance.

A possible explanation for this would be that you didn't include the necessary NuGet package that enables OWIN when running an ASP.NET app on IIS. That package is Microsoft.Owin.Host.SystemWeb.

Mickaël Derriey
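
A way to check the hypothesis in the answer above, added here as an example and not part of the original answer: a client `Startup` that logs when the OWIN pipeline is configured and when a request passes through it. The `MvcClient` namespace and the trace messages are assumptions; the middleware options are the ones from the question.

```csharp
using System.Diagnostics;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

// Under IIS / IIS Express this attribute is only discovered when the
// Microsoft.Owin.Host.SystemWeb package is installed. Without it,
// Configuration() below never runs and [Authorize] yields a bare 401.
[assembly: OwinStartup(typeof(MvcClient.Startup))]

namespace MvcClient // hypothetical namespace for this example
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            // Logged once at application start if the pipeline is wired up.
            Trace.WriteLine("OWIN: Startup.Configuration executed");

            // Diagnostic middleware (illustration only), registered first so
            // every request entering the OWIN pipeline is logged.
            app.Use(async (context, next) =>
            {
                Trace.WriteLine("OWIN: request for " + context.Request.Path);
                await next();
            });

            // Same registrations as in the question.
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "Cookies"
            });
            app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
            {
                Authority = "http://localhost:47945/",
                ClientId = "mvc",
                RedirectUri = "http://localhost:12261/",
                ResponseType = "id_token",
                SignInAsAuthenticationType = "Cookies"
            });
        }
    }
}
```

If neither message appears in the debugger's Output window when requesting home/about, the pipeline is not running and the 401 never reaches the OpenID Connect middleware.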