Blazor Sample - Register or Login pages doesn't seem to work
weirdyang opened this issue · comments
Describe the bug
A clear and concise description of what the bug is.
When I click on "Login", I get redirected to the following page:
To reproduce
Run the sample, and click on the "Login" links.
Further technical details
- ASP.NET Core version.
- Include the output of
dotnet --info. - The IDE (VS / VS Code/ VS4Mac) you're running on, and its version.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Configuration.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully extracted: {}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The response was successfully returned as a JSON document: {
"issuer": "https://localhost:44310/",
"authorization_endpoint": "https://localhost:44310/connect/authorize",
"token_endpoint": "https://localhost:44310/connect/token",
"end_session_endpoint": "https://localhost:44310/connect/logout",
"userinfo_endpoint": "https://localhost:44310/connect/userinfo",
"jwks_uri": "https://localhost:44310/.well-known/jwks",
"grant_types_supported": [
"authorization_code",
"password",
"refresh_token",
"implicit"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"code token"
],
"response_modes_supported": [
"form_post",
"fragment",
"query"
],
"scopes_supported": [
"openid",
"email",
"profile",
"roles",
"offline_access"
],
"claims_supported": [
"aud",
"exp",
"iat",
"iss",
"sub"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"S256"
],
"subject_types_supported": [
"public"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"claims_parameter_supported": false,
"request_parameter_supported": false,
"request_uri_parameter_supported": false
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "e8774d4498684903b0957fc458ef0237",
"code_challenge": "0WTYzOBJYxzOUP2-g1UjMB1z9N0t6JBTGpUBLpJjyIA",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization response was successfully returned to 'https://localhost:44310/authentication/login-callback' using the query response mode: {
"error": "login_required",
"error_description": "The user is not logged in.",
"error_uri": "https://documentation.openiddict.com/errors/ID2015",
"state": "e8774d4498684903b0957fc458ef0237"
}.
info: OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandler[13]
AuthenticationScheme: OpenIddict.Server.AspNetCore was forbidden.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Configuration.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully extracted: {}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The response was successfully returned as a JSON document: {
"issuer": "https://localhost:44310/",
"authorization_endpoint": "https://localhost:44310/connect/authorize",
"token_endpoint": "https://localhost:44310/connect/token",
"end_session_endpoint": "https://localhost:44310/connect/logout",
"userinfo_endpoint": "https://localhost:44310/connect/userinfo",
"jwks_uri": "https://localhost:44310/.well-known/jwks",
"grant_types_supported": [
"authorization_code",
"password",
"refresh_token",
"implicit"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"code token"
],
"response_modes_supported": [
"form_post",
"fragment",
"query"
],
"scopes_supported": [
"openid",
"email",
"profile",
"roles",
"offline_access"
],
"claims_supported": [
"aud",
"exp",
"iat",
"iss",
"sub"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"S256"
],
"subject_types_supported": [
"public"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"claims_parameter_supported": false,
"request_parameter_supported": false,
"request_uri_parameter_supported": false
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "ee7e69d50d954da1b332dd5b6a54dbab",
"code_challenge": "_Ao1CZ_0XmhIqqufqNG4KLtB08NuvVnI6wVIFWEhk7o",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization response was successfully returned to 'https://localhost:44310/authentication/login-callback' using the query response mode: {
"error": "login_required",
"error_description": "The user is not logged in.",
"error_uri": "https://documentation.openiddict.com/errors/ID2015",
"state": "ee7e69d50d954da1b332dd5b6a54dbab"
}.
info: OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandler[13]
AuthenticationScheme: OpenIddict.Server.AspNetCore was forbidden.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Configuration.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully extracted: {}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The response was successfully returned as a JSON document: {
"issuer": "https://localhost:44310/",
"authorization_endpoint": "https://localhost:44310/connect/authorize",
"token_endpoint": "https://localhost:44310/connect/token",
"end_session_endpoint": "https://localhost:44310/connect/logout",
"userinfo_endpoint": "https://localhost:44310/connect/userinfo",
"jwks_uri": "https://localhost:44310/.well-known/jwks",
"grant_types_supported": [
"authorization_code",
"password",
"refresh_token",
"implicit"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"code token"
],
"response_modes_supported": [
"form_post",
"fragment",
"query"
],
"scopes_supported": [
"openid",
"email",
"profile",
"roles",
"offline_access"
],
"claims_supported": [
"aud",
"exp",
"iat",
"iss",
"sub"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"S256"
],
"subject_types_supported": [
"public"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"claims_parameter_supported": false,
"request_parameter_supported": false,
"request_uri_parameter_supported": false
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "2652230f100b4f68a6fd71a73f199ed5",
"code_challenge": "7axh9aqJg1A_6wWSVnsQLv_hvZkMwLoHOsdCE4OskrE",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization response was successfully returned to 'https://localhost:44310/authentication/login-callback' using the query response mode: {
"error": "login_required",
"error_description": "The user is not logged in.",
"error_uri": "https://documentation.openiddict.com/errors/ID2015",
"state": "2652230f100b4f68a6fd71a73f199ed5"
}.
info: OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandler[13]
AuthenticationScheme: OpenIddict.Server.AspNetCore was forbidden.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "0c4eb02e7d6d448b96a721eca981db59",
"code_challenge": "F0PH_GPqxUf2jpv2FX9RG-ltBGebp7x1X8ej1F2BAL8",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization response was successfully returned to 'https://localhost:44310/authentication/login-callback' using the query response mode: {
"error": "login_required",
"error_description": "The user is not logged in.",
"error_uri": "https://documentation.openiddict.com/errors/ID2015",
"state": "0c4eb02e7d6d448b96a721eca981db59"
}.
info: OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandler[13]
AuthenticationScheme: OpenIddict.Server.AspNetCore was forbidden.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "e47966ac57ea4514a419c020ade4581c",
"code_challenge": "Xhlcfy5YzxD1AbO0fBsEwJrUHfewGuHNmB78BYVSLhw",
"code_challenge_method": "S256",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Configuration.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully extracted: {}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The response was successfully returned as a JSON document: {
"issuer": "https://localhost:44310/",
"authorization_endpoint": "https://localhost:44310/connect/authorize",
"token_endpoint": "https://localhost:44310/connect/token",
"end_session_endpoint": "https://localhost:44310/connect/logout",
"userinfo_endpoint": "https://localhost:44310/connect/userinfo",
"jwks_uri": "https://localhost:44310/.well-known/jwks",
"grant_types_supported": [
"authorization_code",
"password",
"refresh_token",
"implicit"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"code token"
],
"response_modes_supported": [
"form_post",
"fragment",
"query"
],
"scopes_supported": [
"openid",
"email",
"profile",
"roles",
"offline_access"
],
"claims_supported": [
"aud",
"exp",
"iat",
"iss",
"sub"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"S256"
],
"subject_types_supported": [
"public"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"claims_parameter_supported": false,
"request_parameter_supported": false,
"request_uri_parameter_supported": false
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "97ecc4b8dfab4049881ac3b2de9c3fe8",
"code_challenge": "GAX5ye2xVU6woR8Oou0NCf3MWiJACvEcm60ewbvOzqo",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization response was successfully returned to 'https://localhost:44310/authentication/login-callback' using the query response mode: {
"error": "login_required",
"error_description": "The user is not logged in.",
"error_uri": "https://documentation.openiddict.com/errors/ID2015",
"state": "97ecc4b8dfab4049881ac3b2de9c3fe8"
}.
info: OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandler[13]
AuthenticationScheme: OpenIddict.Server.AspNetCore was forbidden.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Configuration.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully extracted: {}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The response was successfully returned as a JSON document: {
"issuer": "https://localhost:44310/",
"authorization_endpoint": "https://localhost:44310/connect/authorize",
"token_endpoint": "https://localhost:44310/connect/token",
"end_session_endpoint": "https://localhost:44310/connect/logout",
"userinfo_endpoint": "https://localhost:44310/connect/userinfo",
"jwks_uri": "https://localhost:44310/.well-known/jwks",
"grant_types_supported": [
"authorization_code",
"password",
"refresh_token",
"implicit"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"code token"
],
"response_modes_supported": [
"form_post",
"fragment",
"query"
],
"scopes_supported": [
"openid",
"email",
"profile",
"roles",
"offline_access"
],
"claims_supported": [
"aud",
"exp",
"iat",
"iss",
"sub"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"S256"
],
"subject_types_supported": [
"public"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"claims_parameter_supported": false,
"request_parameter_supported": false,
"request_uri_parameter_supported": false
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "bd7b850441014fe88ca0e48561f27f19",
"code_challenge": "ncC37T7YoWw06Y-Ek-y1oyiv6-cw7KnEKC4QNT7ixig",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization response was successfully returned to 'https://localhost:44310/authentication/login-callback' using the query response mode: {
"error": "login_required",
"error_description": "The user is not logged in.",
"error_uri": "https://documentation.openiddict.com/errors/ID2015",
"state": "bd7b850441014fe88ca0e48561f27f19"
}.
info: OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandler[13]
AuthenticationScheme: OpenIddict.Server.AspNetCore was forbidden.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "5fc66aff4b9d438ea5af9215094a1d54",
"code_challenge": "meU_vjNPNlys1pBPzZRhkQbvIVjfRgMptMtYF2iK3Ow",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization response was successfully returned to 'https://localhost:44310/authentication/login-callback' using the query response mode: {
"error": "login_required",
"error_description": "The user is not logged in.",
"error_uri": "https://documentation.openiddict.com/errors/ID2015",
"state": "5fc66aff4b9d438ea5af9215094a1d54"
}.
info: OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandler[13]
AuthenticationScheme: OpenIddict.Server.AspNetCore was forbidden.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "fc0cfa9a51cf479183c5f5d6158f9484",
"code_challenge": "ZYFm1MHGavTwYO55padaxnijW9LBeUXFg5e1xjglJ1Y",
"code_challenge_method": "S256",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Configuration.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully extracted: {}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The configuration request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The response was successfully returned as a JSON document: {
"issuer": "https://localhost:44310/",
"authorization_endpoint": "https://localhost:44310/connect/authorize",
"token_endpoint": "https://localhost:44310/connect/token",
"end_session_endpoint": "https://localhost:44310/connect/logout",
"userinfo_endpoint": "https://localhost:44310/connect/userinfo",
"jwks_uri": "https://localhost:44310/.well-known/jwks",
"grant_types_supported": [
"authorization_code",
"password",
"refresh_token",
"implicit"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"code token"
],
"response_modes_supported": [
"form_post",
"fragment",
"query"
],
"scopes_supported": [
"openid",
"email",
"profile",
"roles",
"offline_access"
],
"claims_supported": [
"aud",
"exp",
"iat",
"iss",
"sub"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"S256"
],
"subject_types_supported": [
"public"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"claims_parameter_supported": false,
"request_parameter_supported": false,
"request_uri_parameter_supported": false
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "55e5165276684fe58901e6fdf6fdf794",
"code_challenge": "w6NhwY373TjCtD3P50iv9nBfqkbPhx2WtjZFKCLfNT0",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization response was successfully returned to 'https://localhost:44310/authentication/login-callback' using the query response mode: {
"error": "login_required",
"error_description": "The user is not logged in.",
"error_uri": "https://documentation.openiddict.com/errors/ID2015",
"state": "55e5165276684fe58901e6fdf6fdf794"
}.
info: OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandler[13]
AuthenticationScheme: OpenIddict.Server.AspNetCore was forbidden.
WHen I put a breakpoint in the _LoginPartial.cshmtl, it is hit when I click on Register but not when I click on Login, from the logs it seems that upon clickin on Login, the client tries to make a call to the server
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The request address matched a server endpoint: Authorization.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully extracted: {
"client_id": "balosar-blazor-client",
"redirect_uri": "https://localhost:44310/authentication/login-callback",
"response_type": "code",
"scope": "openid profile",
"state": "a9d10a18ff394404805d67ee98bfbbb7",
"code_challenge": "a_hsPOpeexS9NPpQU7TAGxDr8EBTEu017rkPL0ZUyls",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization request was successfully validated.
info: OpenIddict.Server.OpenIddictServerDispatcher[0]
The authorization response was successfully returned to 'https://localhost:44310/authentication/login-callback' using the query response mode: {
"error": "login_required",
"error_description": "The user is not logged in.",
"error_uri": "https://documentation.openiddict.com/errors/ID2015",
"state": "a9d10a18ff394404805d67ee98bfbbb7"
}.
info: OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandler[13]
AuthenticationScheme: OpenIddict.Server.AspNetCore was forbidden.
this controller action is called when I click on the login link,
[HttpGet("~/connect/authorize")]
[HttpPost("~/connect/authorize")]
[IgnoreAntiforgeryToken]
public async Task<IActionResult> Authorize()
and this is returned
var result = await HttpContext.AuthenticateAsync(IdentityConstants.ApplicationScheme);
if (result == null || !result.Succeeded)
{
// If the client application requested promptless authentication,
// return an error indicating that the user is not logged in.
if (request.HasPrompt(Prompts.None))
{
return Forbid(
authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
properties: new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.LoginRequired,
[OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = "The user is not logged in."
}));
}
To fix this:
Add the following after the call to AddDefaultIdentity, to set the login path:
services.ConfigureApplicationCookie(options =>
{
options.AccessDeniedPath = "/Identity/Account/AccessDenied";
options.Cookie.Name = "balosar-cookie";
options.Cookie.HttpOnly = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(60);
options.LoginPath = "/Identity/Account/Login";
// ReturnUrlParameter requires
//using Microsoft.AspNetCore.Authentication.Cookies;
options.ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter;
options.SlidingExpiration = true;
});
a link to my sample using mongodb and the balosar template; https://github.com/weirdyang/openiddict-core-mongo-identity
@weirdyang thanks for the report. Were you to determine what option exactly helps mitigate this behavior? It seems weird because the snippet you posted more or less reuses the default option values, including the paths that the default UI stuff already overrides for you: https://github.com/dotnet/aspnetcore/blob/main/src/Identity/UI/src/IdentityDefaultUIConfigureOptions.cs#L56-L58
AFAICT, the only thing that changes is the cookie name.
I'm not sure to be honest. After reading your reply, I uncommented everything and restored it back to the original and it worked.