Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

access_denied error #252

Open
CarloSaccone opened this issue Dec 27, 2018 · 7 comments
Open

access_denied error #252

CarloSaccone opened this issue Dec 27, 2018 · 7 comments

Comments

@CarloSaccone
Copy link

Hi, I'm getting crazy on this issue, I have a working solution (feel free to try with linkedin as provider) here:

https://200crowdfe.azurewebsites.net/account/login

When I deploy to the production website, it works for a while (sometimes a few minutes, sometimes hours), then it stops and starts answering "access_denied" with any provider.

Any idea? How can I debug/log the reason why the access_denied message comes out?
I debugged all the client calls, and the error is inside the final call to /signin-linkedin handler, the calls to linkedin are all fine.

Any help is appreciated
@TerribleDev
Copy link
Owner

Walking home atm. Pretty sure you can pass your own authentication provider object to the middleware which will give you on failure hooks. I'll try to give u an actual response when I get home.

@TerribleDev
Copy link
Owner

Sounds to me like it's not refreshing tokens that expire?

@CarloSaccone
Copy link
Author

Sounds to me like it's not refreshing tokens that expire?

I was thinking the same, but I feel strange that when it stops working, it stops for any user/any provider.

Thanks a lot

@CarloSaccone
Copy link
Author

Hi, any update? I tried passing in a provider object, but there are no hooks available for errors...am I missin g something?

@TerribleDev
Copy link
Owner

Did you try the OnReturnEndpoint hook? you should get an object back with a response property.

@CarloSaccone
Copy link
Author

Yes, I'm trying to debug what's happening there...what I know is that there is a difference between the working status and the broken one:

inside OnReturnEndpoint I see context.Identity is null when is broken, a valid identity object with claims when it works.

This leads to the initial consideration: even if the middleware (signin-linkedin) is called with a valid token (I tried a manual api call with the same code and the response was ok), the middleware is unable to generate an Identity for auth...

At this time the only thing that works is a server restart...but that's driving me insane

@CarloSaccone
Copy link
Author

Hi, some other clues:

looking at the response, code is always 200, but when it works I find the following response header:

"Set-Cookie": [
    ".AspNet.Correlation.LinkedIn=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT"
  ]

which is missing when the access_denied error comes out...

Yet is not clear why it gives back a 200 code when it's definitely not OK...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TerribleDev @CarloSaccone