How to setup an MVC client for IdentityServer3

Question

I'm trying to use the IdentityServer3 therefore I'm going over the official examples. I have created an authorization server which is very simple:

namespace SimpleIdentityServer
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            var options = new IdentityServerOptions
            {
                Factory = new IdentityServerServiceFactory()
                                .UseInMemoryClients(Clients.Get())
                                .UseInMemoryScopes(Scopes.Get())
                                .UseInMemoryUsers(Users.Get()),
                RequireSsl = false
            };
            app.UseIdentityServer(options);
        }
    }
}

This is my in memory user:

new Client
{
    ClientName = "MVC application",
    ClientId = "mvc",
    Enabled = true,
    AccessTokenType = AccessTokenType.Jwt,
    Flow = Flows.Implicit,
    ClientSecrets = new List<Secret>
    {
        new Secret("secret".Sha256())
    },
    AllowedScopes = new List<string>
    {
        "openId",
        "profile"
    },
    RedirectUris = new List<string>
    {
        "http://localhost:12261/"
    }
}

Now, I want to use the aforementioned server to authenticate the users of an MVC application, so I have done this:

    public void Configuration(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = "Cookies"
        });
        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            Authority = "http://localhost:47945/",
            ClientId = "mvc",
            RedirectUri = "http://localhost:12261/",
            ResponseType = "id_token",
            SignInAsAuthenticationType = "Cookies"
        });
    }

And this is a sample controller action annotated with the Authorize attribute:

[Authorize]
public ActionResult About()
{
    ViewBag.Message = "Your application description page.";

    return View();
}

But when I go to home/about in my mvc application it shows me 401 error and it seems (from the serilog) that it doesn't even call the authorization server.

Answer 1

What I think could happen is that your OWIN pipeline is not executed. Could you try to put a breakpoint in your Startup class, kill IIS or IIS Express - whichever you're using - and starting again?

If this is the case, then the IODC middleware doesn't catch the HTTP 401 response, thus doesn't redirect you to your IdentityServer instance.

A possible explanation for this would be that you didn't include the necessary NuGet package that enables OWIN when running an ASP.NET app on IIS. That package is Microsoft.Owin.Host.SystemWeb.