by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Ronak Kapadia
    @ronakkapadia
    Any help is much appreciated, as I am new to this
    It throws this exception: Microsoft.IdentityModel.Protocols.OpenIdConnectProtocolException: invalid_request
    vodkadom75
    @vodkadom75
    I've just started getting : 2017-03-29 12:01:18.521 +01:00 [Information] Callback invoked from external identity provider
    2017-03-29 12:01:18.521 +01:00 [Error] External identity provider returned error: "access_denied"
    when everything has been working fine for months
    has nayone had this issue ?
    vodkadom75
    @vodkadom75
    Looks like its necessary to upgrade to pre-release of microsoft.owin.security.facebook
    1.1.0-rc1
    vodkadom75
    @vodkadom75
    as stated in this issue : aspnet/AspNetKatana#38
    Tim Parker-Nance
    @NimbusServices
    Hi, I have a working IDServer3, WebAPI with UseIdentityServerBearerTokenAuthentication, MVC client calling the WebAPI. Is it possible in the WebAPI to get the ClientID of the calling MVC client?
    olegb2bsoft
    @olegb2bsoft
    Hi all. According to http://openid.net/specs/openid-connect-core-1_0.html UserInfo can be in JWT format. It's possible in current version of IS3 ?
    Jaymie Jeffrey
    @r3plica
    Hey all, I have a question I posted on stack overflow that I was hoping someone could help me with
    Basically, I have managed to set up a scope and client and I have managed to authenticate
    I received my token, but when I try to access any controller decorated with the Authorize attribute I get a 401 error
    anyone know why?
    Jorge Gaona
    @pollirrata
    Hi there... does anyone know if scope claim values should be returned regardless if the user authorizes or not? I'm calling an API passing the token generated in my MVC app. From the API I can retrieve the values for profile and role claims (stated as scopeClaims in the corresponding scope); in the MVC app they are not returned. In both cases I retrieve them using ((User as ClaimsPrincipal).Claims.
    Jaymie Jeffrey
    @r3plica
    Not sure if I have fixed it
    but it appears that Transform is invoked multiple times during a request
    so I have added a private property for the current user
    which I only try to assign if it is null (it hasn't been assigned to before)
    that seems to work
        public class ClaimsTransformer
        {
            private readonly IUserProvider _userProvider;
            private UserViewModel _currentUser { get; set; }
    
            public ClaimsTransformer(IUserProvider userProvider) => _userProvider = userProvider;
    
            /// <summary>
            ///     Gets the user claims for the current user
            /// </summary>
            /// <param name="incomingPrincipal">The incoming claims principal</param>
            /// <returns></returns>
            public async Task<ClaimsPrincipal> Transform(ClaimsPrincipal incomingPrincipal)
            {
                // If the current user is authenticated
                if (!incomingPrincipal.Identity.IsAuthenticated) return incomingPrincipal;
    
                // Get our user id
                var id = incomingPrincipal.Identity.GetSubjectId();
    
                // If we have our id
                if (string.IsNullOrEmpty(id)) return incomingPrincipal;
    
                // Get our current user if we haven't already
                if (_currentUser == null) _currentUser = await _userProvider.GetAsync(id);
    
                // Get the user claims and add to our identity
                var userClaims = _currentUser.Claims;
                var claims = userClaims.Select(ModelFactory.Create);
                foreach (var claim in claims) incomingPrincipal.Identities.First().AddClaim(claim);
    
                // Return our modified claims principal
                return incomingPrincipal;
            }
        }
    I shall do some more testing and see if it has actually resolved the issue
    Robin.Jiang
    @RobinJiangdh
    Anyone knows how to config userlogin logs
    Jaymie Jeffrey
    @r3plica
    so I am reading this article
    and it states that you can't DI database entities into the ClaimsTransformer
    so my solution above won't work (and it doesn't always work)
    so
    how can I get database claims and assign it to the current identity?
    Jaymie Jeffrey
    @r3plica
    IdentityServer/IdentityServer3#2164
    this is the same issue I am having
    I have set up a ClaimsProvider
    and it's not working
    any help with that would be great
    or if anyone needs any more info
    Jaymie Jeffrey
    @r3plica
    no one?
    deepakkale
    @deepakkale

    We have developed our OAuth implementation to support single sign on. OAuth was deployed on different servers for different regions. For eg. US, UK and DE.

    We have deployed a client which is bound to OAuth. I want to host only one instance of my client which will redirect to specific region's OAuth.

    is there a way to change Authority dynamically??

    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
    {
    Authority = "http://SomeGoodURL/"
    }

    ty7466
    @ty7466
    Is it possible to UseCookieAuthentication and UseIdentityServerBearerTokenAuthentication?
    app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
                {
                    Authority = ConfigurationManager.AppSettings["Url"],
                    RequiredScopes = new[] { "scope" }
                });
        app.UseCookieAuthentication(new CookieAuthenticationOptions
                {
                    AuthenticationType = ConfigurationManager.AppSettings["CookieName"]
                });
    Jaymie Jeffrey
    @r3plica
    anyone know why I have started getting this error: Error returned from introspection endpoint: Not Found?
    Engineerumair
    @Engineerumair
    Is Identity Server 3 still maintained?
    YousafKhan0800
    @YousafKhan0800
    Hi everyone, I am using CustomViewService in identity server 3 and I needed to add reset password page. I followed the solution provided here: https://stackoverflow.com/questions/31046208/identity-server-v3-custom-page-reset-password . But, Identity Server is not able to find resetPassword.html page even though I provided it in "templates" folder and it keeps returning 404 error "No webpage was found for the web address: http://localhost:44333/core/resetPassword?signin=b3253f1ef659cffe9165c7c6b134715a". Any help will be appreciated.
    lochan717
    @lochan717
    How to solve 400 bad request issue caused due to multiple nonce and application cookies?
    PivotDataTao
    @PivotDataTao
    I am trying to follow the code in IdentityServer3.Samples/source/Clients/MVC OWIN Client (Hybrid)/ Startup.cs to connect Asp.Net 4.5 MVC5 to IdenityServer4 to get claims, with the newest IdentityModel v3.10.10 package, I got issue on id.AddClaims(userInfoResponse.GetClaimsIdentity().Claims) in the Notifications; it says
    UserInfoResponseextensions.GetClaimsIdentity(userInfoResponse). is inaccessible due to its protection level.
    Should I use different version or should change to use something else to get Claims?
    Raymond Bergen
    @FreeFrags
    when calling the userendpoint done in my case using the oidcclientjs i only get the sub as claim. when it calls the other endpoint it also passes extra claims .... most important for me now is the idp claim is there a way to pass this claim to the userinfoendpoint?
    i read in a few posts that you should have enough info by just using the sub claim ... but in my case it would be best if i knew which idp claim was set. with these 2 claims i can then find the extra claims for the user in my DB
    lochan717
    @lochan717
    i am getting this error after hosting the application.
    A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 164.XXX.XXX.XX:443. This is when client application tries to login via SSO. Can anybody help please?