Identity Server 4 CORS not configured

Question

I have put my IS4 on a server and lets call it http://test.myis4.com. Now I am trying to login with an angular application against it, however I keep getting blocked by CORS. The angular client is being served with an MVC Core application and it runs on http://localhost:5002 port. I have tried to do this from my localhost by running it on that port.

On the IS4 server I have tried adding on the client the following:

new Client {
    // code is omitted
    AllowedCorsOrigins = new List<string>() { "http://localhost:5002" }
}

With the above I still get the CORS error, then I have tried adding it to the services direclty:

var cors = new DefaultCorsPolicyService(null)
{
    AllowedOrigins = { "http://localhost:5002" }
};
services.AddSingleton<ICorsPolicyService>(cors);
services.AddIdentityServer()
//rest omitted

The above still gave me the same CORS error, my last attempt was to add it through application builder as such:

app.UseCors(builder => builder.WithOrigins("http://localhost:5002").AllowAnyHeader());
app.UseIdentityServer();
//rest omitted

With this last attempt it still did not work. I'm not quire sure what I'm doing wrong at this point. Any suggestions?

m3n7alsnak3 m3n7alsnak3 · Accepted Answer · 2018-11-26T21:08:51

On the second code block, that you've shown - you need to first AddIdentityServer() and then add the Cors Policy service and you can also do it straight after adding Identity server to the services. Something like:

services.AddIdentityServer(options =>
        {
            // .. if you need something in general (can go without the options)
        })
        .AddCorsPolicyService<YOUR_IMPLEMENTATION_OF_ICorsPolicyService>()
        // rest omitted

This is because the AddIdentitiyServer() overwrites the adding of the CORS service - Code.

Identity Server 4 CORS not configured

1 Answers