Duende Identity Server 4 doesn't redirect back to the React client at the end of sign in workflow


I'm implementing authentication using Duende Identity Server based on the CODE grant type. I need Identity Server to issue tokens for my React Client App, so I added react-oidc-context to the Client App as the OpenID Connect client. I've also configured IS to add a few test users on startup for test purposes and added the base UI. The issue is that when I enter a test user's credentials into the login form on IS and click the Login button, I see the name of the user I just logged in as at the top of the login page, but IS doesn't redirect me back to the Client App; it just refreshes the login page. I was wondering if you could provide any information regarding possible solutions or the issue's causes. Thank you in advance!

Here is a screenshot of the page I see after clicking the login button: Login page after signing in as a test user

Here is my config for Identity Server resources:

new Client
{
    ClientId = "spa",
    ClientName = "React Single Page Application",
    ClientSecrets = { new Secret("secret") },
    RequireClientSecret = false,
    ClientUri = "https://localhost:44430",
    RedirectUris = { "https://localhost:44430/fetch-data" },
    PostLogoutRedirectUris = { "https://localhost:44430" },
    AllowedGrantTypes = GrantTypes.Code,
    RequirePkce = false,
    AllowAccessTokensViaBrowser = true,
    AllowedScopes =
    {
        IdentityServerConstants.StandardScopes.OpenId,
        IdentityServerConstants.StandardScopes.Profile,
        "weather",
    },
},

Here is my config that I use for connecting to IS on the Client App side:

{
    authority: "https://localhost:7123",
    client_id: "spa",
    client_secret: "secret",
    redirect_uri: "https://localhost:44430/fetch-data",
    post_logout_redirect_uri: 'https://localhost:44430',
    response_type: 'code',
    scope: 'weather',
    userStore: new WebStorageStateStore({ store: window.localStorage }),
};

Also, here is the config of the IS service in the program.cs file:

builder.Services.AddIdentity<AppUser, IdentityRole>()
    .AddEntityFrameworkStores<AppIdentityDbContext>()
    .AddDefaultTokenProviders();

builder.Services.AddIdentityServer(options =>
    {
        options.IssuerUri = "https://localhost:7123";

        options.Events.RaiseErrorEvents = true;
        options.Events.RaiseInformationEvents = true;
        options.Events.RaiseFailureEvents = true;
        options.Events.RaiseSuccessEvents = true;
        options.EmitStaticAudienceClaim = true;
    })
    .AddInMemoryIdentityResources(Config.GetIdentityResources())
    .AddInMemoryApiScopes(Config.GetApiScopes())
    .AddInMemoryApiResources(Config.GetApisResources())
    .AddInMemoryClients(Config.GetClients(builder.Configuration))
    .AddTestUsers(TestUsers.Users)
    .AddAspNetIdentity<AppUser>();

To fix the issue, I've tried switching all endpoints to use https. I've also tried to set up a cookie policy in the IS program.cs; below is the config that I added:

app.UseCookiePolicy(new CookiePolicyOptions
{
    HttpOnly = HttpOnlyPolicy.None,
    MinimumSameSitePolicy = SameSiteMode.None,
    Secure = CookieSecurePolicy.Always
});

Updated

After some time spent on investigation, I finally came up with a solution: the issue was caused by the default implementation of the login page model (Pages/Account/Login/Index.cshtml/Index.cshtml.cs). I injected SignInManager signInManager into the page's model and used it as the user store instead of the default TestUserStore, and that fixed the issue.
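
The change described in the update, sketched as an added example (not the asker's code and not Duende's template): the login page model authenticates through `SignInManager<AppUser>` instead of `TestUserStore`, and only follows `ReturnUrl` once it has been validated. The `InputModel` shape and `AppUser` deriving from `IdentityUser` are assumptions.

```csharp
using Duende.IdentityServer.Events;
using Duende.IdentityServer.Services;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;

public class InputModel            // assumed shape of the login form model
{
    public string? Username { get; set; }
    public string? Password { get; set; }
    public bool RememberLogin { get; set; }
    public string? ReturnUrl { get; set; }
}

public class Index : PageModel
{
    private readonly SignInManager<AppUser> _signInManager; // AppUser : IdentityUser (assumed)
    private readonly IIdentityServerInteractionService _interaction;
    private readonly IEventService _events;
    [BindProperty] public InputModel Input { get; set; } = new();

    public Index(SignInManager<AppUser> signInManager,
                 IIdentityServerInteractionService interaction, IEventService events)
        => (_signInManager, _interaction, _events) = (signInManager, interaction, events);

    public async Task<IActionResult> OnPost()
    {
        // Null unless ReturnUrl is a valid authorize request for a registered client.
        var context = await _interaction.GetAuthorizationContextAsync(Input.ReturnUrl);
        if (!ModelState.IsValid) return Page();
        // Validates the password and issues the ASP.NET Identity application cookie.
        var result = await _signInManager.PasswordSignInAsync(
            Input.Username!, Input.Password!, Input.RememberLogin, lockoutOnFailure: true);
        if (!result.Succeeded)
        {
            await _events.RaiseAsync(new UserLoginFailureEvent(
                Input.Username, "invalid credentials", clientId: context?.Client.ClientId));
            ModelState.AddModelError(string.Empty, "Invalid username or password");
            return Page();
        }
        var user = await _signInManager.UserManager.FindByNameAsync(Input.Username!);
        await _events.RaiseAsync(new UserLoginSuccessEvent(
            user!.UserName, user.Id, user.UserName, clientId: context?.Client.ClientId));
        // Redirect only to a validated authorize request or a local URL.
        if (context != null) return Redirect(Input.ReturnUrl!);
        if (Url.IsLocalUrl(Input.ReturnUrl)) return Redirect(Input.ReturnUrl!);
        return Redirect("~/");
    }
}
```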
