Login does not work

[Kiho]

After login, it stays there, not go back to spa site and I can see this in the log.
Any idea?

2019-09-29 11:27:40.482 -07:00 [DBG] Augmenting SignInContext
2019-09-29 11:27:40.486 -07:00 [DBG] Adding idp claim with value: local
2019-09-29 11:27:40.487 -07:00 [DBG] Adding amr claim with value: pwd
2019-09-29 11:27:56.194 -07:00 [DBG] client configuration validation for client angular_spa succeeded.
2019-09-29 11:29:19.608 -07:00 [INF] Removing 0 grants
2019-09-29 11:29:19.641 -07:00 [DBG] Request path /connect/authorize/callback matched to endpoint type Authorize
2019-09-29 11:29:19.643 -07:00 [DBG] Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
2019-09-29 11:29:19.644 -07:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint for /connect/authorize/callback
2019-09-29 11:29:19.649 -07:00 [DBG] Start authorize callback request
2019-09-29 11:29:19.654 -07:00 [DBG] No user present in authorize request
2019-09-29 11:29:19.655 -07:00 [DBG] Start authorize request protocol validation
2019-09-29 11:29:19.657 -07:00 [DBG] client configuration validation for client angular_spa succeeded.
2019-09-29 11:29:19.658 -07:00 [DBG] Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
2019-09-29 11:29:19.659 -07:00 [INF] ValidatedAuthorizeRequest
{"ClientId":"angular_spa","ClientName":"Angular SPA","RedirectUri":"http://localhost:4200/auth-callback","AllowedRedirectUris":["http://localhost:4200/auth-callback"],"SubjectId":"anonymous","ResponseType":"id_token token","ResponseMode":"fragment","GrantType":"implicit","RequestedScopes":"openid profile email api.read","State":"1437dc56e6d44f7a83633019bddc2ba5","UiLocales":null,"Nonce":"0e0f9ccf5aca4280852d12b6bb6ec2a2","AuthenticationContextReferenceClasses":null,"DisplayMode":null,"PromptMode":null,"MaxAge":null,"LoginHint":null,"SessionId":null,"Raw":{"client_id":"angular_spa","redirect_uri":"http://localhost:4200/auth-callback","response_type":"id_token token","scope":"openid profile email api.read","state":"1437dc56e6d44f7a83633019bddc2ba5","nonce":"0e0f9ccf5aca4280852d12b6bb6ec2a2"},"$type":"AuthorizeRequestValidationLog"}
2019-09-29 11:29:19.661 -07:00 [INF] Showing login: User is not authenticated
2019-09-29 11:29:19.673 -07:00 [DBG] Start authorize request protocol validation
2019-09-29 11:29:19.675 -07:00 [DBG] client configuration validation for client angular_spa succeeded.
2019-09-29 11:29:19.676 -07:00 [DBG] Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
2019-09-29 11:29:19.677 -07:00 [DBG] client configuration validation for client angular_spa succeeded.

[mmacneil]

Thanks @Kiho - coincidence or not - I'm actually seeing something very similar in another project right now using IdentityServer where it never redirects after successful login at Accounts/Login back to the authorization call back on the angular client. I will test this project to see if it looks the same and let you know what I find. If you find any cause/resolution, please let me know.

[mmacneil]

I believe I am seeing a similar issue - do you get this after logging in and then the page just sits on Accounts/Login spinning its wheels after you submit the login form?

[Kiho]

I am not seeing spinning wheel, it's not moving at all after successful login.

[Kiho]

Looks like you fixed the problem, I don't understand why but It is working fine after I made new clone of project.
Thanks for quick response.

[mmacneil]

Hrmm..odd - perhaps I'm seeing something different than you. I only updated a few unrelated (I think) packages in the Angular project which I wouldn't have expected to impact this. I am still having an issue but it's only occurring on one computer so I think it is something isolated to that machine. Anyway, glad it's working for you now.

[Kiho]

I can't reproduce problem anymore. One thing I remember is ProductVersion field of MigrationHistory
contains AppIdentityDbContext - 2.2.6 & PersistedGrantDbContext 2.2.3 but both are 2.2.3 now.
I used VS 2019 to update AppIdentityDbContext but I was not able to update PersistedGrantDbContext, so I use dotnet-ef to update PersistedGrantDbContext

[santosh2812]

Hi I am also getting same issue, But unable to fix the same, will you please share how you fixed it.
Thanks.

[mmacneil]

Thanks, @santosh2812 - are you seeing it on chrome by chance? I see this sporadically when using a clean instance of chrome (incognito or with all cookies cleaned in regular mode), and it only seems to occur on the first login attempt. After that, it seems to behave normally. I don't see the same issue testing with Edge or Firefox. The logs don't seem to give any clues either - it looks as though the post-login redirect completes normally on the IdentityServer side of things, but the browser is just left hanging there indefinitely. If you have anything to add, I'd love to hear it.

[santosh2812]

Hi the problem is the application stuck on below point
redirecting to /connect/authorize/callback?client_id=Vuejs&redirect_uri=http%3A%2F%2Flocalhost%3A8484%2Flogin&response_type=id_token%20token&scope=openid%20profile%20courses%20roles%20country%20GPSSchoolAPI&state=5b7f679b185642db87a745f649dab48f&nonce=9f222f460a974434a6d0a7179d79765a.
and in

Chrome it gives the message - big header
In IE it stuck and on console of Identity Server4 it say that kesteral server header issue for this Have increased the header size in program.cs
in Mozila it stuck -no message is displayed.
I am not sure what is the issue, have cleared the browser cookies, and also change the port number.
please suggest.

[itorian]

Check network tab, if any request is being blocked or cancelled. Also check this issue DuendeArchive/IdentityServer4#3854

[huydq5000]

Hi,

Any update on this issue. I could not login using Edge Chromium and Chrome but with orginal Edge. I think It should be something related to Cookie because in Chrome/New Edge I got this warning:

A cookie associated with a resource at http://localhost/ was set with SameSite=None but without Secure. It has been blocked, as Microsoft Edge now only delivers cookies marked SameSite=None if they are also marked Secure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5633521622188032.

Thanks

[huydq5000]

After a quick research, I decided to switch AuthServer to run with https and it works perfectly. I think the problem is not at the code but the Chrome's cookies policy.

[BASS34]

confirm than run AuthServer with https mode it works.

[GothicSecret]

[GothicSecret]