Orchard CMS, OWIN, OpenID Connect, and Azure Website

0
votes

We have deployed Orchard to an Azure Website. However, when we enable a module we created that enables OWIN OpenID connect, we are getting this resulting error:

The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating.

It only happens when I enable our custom auth module, but it works fine locally and on our dev server. The issue only occurs in Azure.

Stack Trace:

[CryptographicException: The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating.]
   System.Security.Cryptography.ProtectedData.Protect(Byte[] userData, Byte[] optionalEntropy, DataProtectionScope scope) +514
   System.Security.Cryptography.DpapiDataProtector.ProviderProtect(Byte[] userData) +75
   Microsoft.Owin.Security.DataHandler.SecureDataFormat`1.Protect(TData data) +93
   Microsoft.Owin.Security.OpenIdConnect.d__c.MoveNext() +1342
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +13877064
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +61
   Microsoft.Owin.Security.Infrastructure.d__b.MoveNext() +531
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +13877064
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +61
   Microsoft.Owin.Security.Infrastructure.d__8.MoveNext() +631
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +13877064
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +61
   Microsoft.Owin.Security.Infrastructure.d__5.MoveNext() +318
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +13877064
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +61
   System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task) +13877209
   Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +1371
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +13877064
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +61
   System.Runtime.CompilerServices.TaskAwaiter.GetResult() +28
   Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +1107
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +13877064
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +61
   Orchard.Mvc.Routes.d__7.MoveNext() in c:\Users\jphillips\code\ifb-blue-orchard\src\Orchard\Mvc\Routes\ShellRoute.cs:181
   System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +13877064
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +61
   System.Web.TaskAsyncHelper.EndTask(IAsyncResult ar) +69
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +611
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +137
1
c#azureorchardcmsowin
Have you looked into this SO question/answer: stackoverflow.com/questions/23773651/…t1nr2y
Possible duplicate of Generating reset password token does not work in Azure WebsitePalu Macil
This isn't a duplicate. I have tried those solutions without any different results.Jamie

1 Answers

1
votes

So I figured out using a combination of this Generating reset password token does not work in Azure Website and telling OWIN to use the custom MachineKeyProtectionProvider class using this extension method.

app.SetDataProtectionProvider(new MachineKeyProtectionProvider());

Once I set that OWIN started using the machine key and everything in Azure is know cool and it works. I also wrote a post about it.