AspNet.Security.OpenId.Steam.SteamAuthenticationHandler[15] cookie not found.
Rysik5318 opened this issue · comments
Describe the bug
I used examaple in your github.
Everything works fine on localhost, but on hosting it displays an error -
warn: AspNet.Security.OpenId.Steam.SteamAuthenticationHandler[15]
'.AspNetCore.Correlation.FN07PveE1rsK2IsgyCPuDYdU49H3_TL3yIc8wyE0zRw' cookie not found.
info: AspNet.Security.OpenId.Steam.SteamAuthenticationHandler[4]
Error from RemoteAuthentication: The authentication response was rejected because the anti-forgery token was invalid..
fail: Microsoft.AspNetCore.Server.Kestrel[13]
Connection id "0HN4954KSODKP", Request id "0HN4954KSODKP:00000003": An unhandled exception was thrown by the application.
Microsoft.AspNetCore.Authentication.AuthenticationFailureException: An error was encountered while handling the remote login.
---> Microsoft.AspNetCore.Authentication.AuthenticationFailureException: The authentication response was rejected because the anti-forgery token was invalid.
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
AspNet.Security.OpenId.Steam.SteamAuthenticationHandler[15]
Steps To reproduce
I'm using a run like this - dotnet WebPanel.dll --urls "http://193.164.17.231:5001/"
Expected behaviour
HTTP ERROR 500 is displayed
Actual behaviour
Either no cookies or anti-forgery token not found
System information:
- OS: ubuntu
- Library Version 8.0.0 (Last)
- .NET version 8.0.301
Additional context
Add any other context about the problem here.
Have you appropriately configured Data Protection to store keys in a way that work correctly when deployed remotely (e.g. so that data protection keys aren't lost when a container restarts or you promote a new deployment)?
The warning about a missing correlation cookie might be due to SameSite configuration issues.
In both cases, these are issues related to the configuration of ASP.NET Core Authentication, and not an issue with the Steam authentication handler itself.