I have a .NET app that uses OpenID Connect authentication (with Azure as the authentication server), and it was working up until very recently.
Currently, when I run it, I receive the following error:
The stack trace:
[IOException: IDX20807: Unable to retrieve document from: 'System.String'. HttpResponseMessage: 'System.Net.Http.HttpResponseMessage', HttpResponseMessage.Content: 'System.String'.]
Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__16.MoveNext() 1152
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.IdentityModel.Protocols.OpenIdConnect.<GetAsync>d__3.MoveNext() 391
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__24.MoveNext() 958
[InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'.]
Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__24.MoveNext() 1699
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Security.OpenIdConnect.<ApplyResponseChallengeAsync>d__10.MoveNext() 565
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Security.Infrastructure.<ApplyResponseCoreAsync>d__40.MoveNext() 349
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Security.Infrastructure.<ApplyResponseAsync>d__39.MoveNext() 447
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Security.Infrastructure.<TeardownAsync>d__34.MoveNext() 196
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Security.Infrastructure.<Invoke>d__5.MoveNext() 929
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__7.MoveNext() 197
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Security.Infrastructure.<Invoke>d__5.MoveNext() 735
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
NSwag.AspNet.Owin.Middlewares.<Invoke>d__4.MoveNext() 881
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
NSwag.AspNet.Owin.Middlewares.<Invoke>d__4.MoveNext() 809
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
NSwag.AspNet.Owin.Middlewares.<Invoke>d__7.MoveNext() 830
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Mapping.<Invoke>d__3.MoveNext() 861
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__7.MoveNext() 197
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 62
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<DoFinalWork>d__12.MoveNext() 192
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 32
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) 118
System.Web.AsyncEventExecutionStep.InvokeEndHandler(IAsyncResult ar) 225
System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) 162
Note: I am very very certain that this used to work as described and still very certain that this code is being executed.
The authentication configuration in my Startup.cs:

    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
    app.UseCookieAuthentication(new CookieAuthenticationOptions());
    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            // Sets the ClientId, authority, RedirectUri as obtained from web.config
            ClientId = clientId,
            Authority = authority,
            RedirectUri = redirectUri,
            // PostLogoutRedirectUri is the page that users will be redirected to after sign-out. In this case, it is using the home page
            PostLogoutRedirectUri = redirectUri,
            Scope = OpenIdConnectScope.OpenIdProfile,
            // ResponseType is set to request the code id_token - which contains basic information about the signed-in user
            ResponseType = OpenIdConnectResponseType.CodeIdToken,
            // OpenIdConnectAuthenticationNotifications configures OWIN to send notification of failed authentications to OnAuthenticationFailed method
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                AuthenticationFailed = OnAuthenticationFailed,
            }
        });

The code that used to (at least I think) trigger the login screen in my default controller:

    public HttpStatusCodeResult SignIn()
    {
        if (!Request.IsAuthenticated)
        {
            HttpContext.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties
                {
                    RedirectUri = MeshConfigSupport.LocalSettings.TryGetSetting<string>("RedirectUri").value,
                },
                OpenIdConnectAuthenticationDefaults.AuthenticationType);
        }
        HttpStatusCodeResult statusCode = new HttpStatusCodeResult(HttpContext.GetOwinContext().Response.StatusCode);
        return statusCode;
    }

CodePudding user response:
We had the exact same problem with one of our apps. Seems like MS turned off support for SSL protocols lower than TLS 1.2. In our case the issue was fixed by running the app under .NET 4.7.2 instead of 4.5.2 (defaults were apparently changed in 4.6). Check here for more details: https://docs.microsoft.com/en-us/troubleshoot/azure/active-directory/enable-support-tls-environment?tabs=azure-monitor
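
One way to confirm the TLS-version cause described in the answer above is to request the OpenID Connect metadata document (the document that IDX20807 reports it cannot retrieve) once per protocol setting and compare the outcomes. This is an added diagnostic sketch for a .NET Framework console app, not code from the question or the answer; the `Authority` value is a placeholder for the setting in web.config, and the class and method names are made up for the example.

```csharp
using System;
using System.Net;

// Added diagnostic, not the asker's code. Build it against the same .NET Framework
// version the web app targets so the process-default protocols match.
static class OidcMetadataTlsCheck
{
    // Placeholder (assumption): replace with the Authority value from web.config.
    const string Authority = "https://login.microsoftonline.com/<tenant-id>/v2.0";

    // Requests the metadata document with only the given protocols enabled.
    static string Probe(string url, SecurityProtocolType protocols)
    {
        ServicePointManager.SecurityProtocol = protocols;
        var request = (HttpWebRequest)WebRequest.Create(url);
        request.KeepAlive = false;                          // new TLS handshake per probe
        request.ConnectionGroupName = protocols.ToString(); // never reuse another probe's connection
        try
        {
            using (var response = (HttpWebResponse)request.GetResponse())
                return "HTTP " + (int)response.StatusCode;
        }
        catch (WebException ex)
        {
            // A refused handshake typically shows up as SecureChannelFailure or
            // SendFailure; an HTTP error (e.g. 404 for a wrong authority) as ProtocolError.
            return ex.Status + ": " + ex.Message;
        }
    }

    static void Main()
    {
        // The OWIN middleware derives the metadata address from Authority the same way
        // when MetadataAddress is not set explicitly.
        string url = Authority.TrimEnd('/') + "/.well-known/openid-configuration";

        SecurityProtocolType processDefault = ServicePointManager.SecurityProtocol;
        Console.WriteLine("Process default (" + processDefault + "): " + Probe(url, processDefault));
        Console.WriteLine("TLS 1.0 only: " + Probe(url, SecurityProtocolType.Tls));
        Console.WriteLine("TLS 1.2 only: " + Probe(url, SecurityProtocolType.Tls12));
    }
}
```

If only the TLS 1.2 probe succeeds and the process default does not include `Tls12`, the failure matches the answer's diagnosis. Where retargeting the framework is not possible, adding `ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;` before `UseOpenIdConnectAuthentication` is called enables TLS 1.2 for that process.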