2
votes

I'm trying to integrate ServiceStack.Authentication.IdentityServer plugin with an Identity Server 4.

When calling the protected ServiceStack endpoint from browser, the browser redirects to the authorize endpoint as below

https://localhost:5001/connect/authorize?client_id=simplehr&scope=openid%20offline_access&redirect_uri=https://localhost:5004/auth/IdentityServer&response_type=code%20id_token&state=8749c226e65646079c53ba403b51ef3e&nonce=291873debfd14de8b360c11cffbba3db&response_mode=form_post

In this case, https://localhost:5001 is my Identity Server 4, and https://localhost:5004 is my ServiceStack server.

After this step, the browser sends a POST request to ServiceStack's IdentityServer auth provider endpoint as expected. However, this endpoint returns a 302 back to the Identity Server's authorize endpoint. The response looks like

Location: https://localhost:5001/connect/authorize?client_id=simplehr&scope=openid offline_access&redirect_uri=https://localhost:5004/auth/IdentityServer&response_type=code id_token&state=8749c226e65646079c53ba403b51ef3e&nonce=f13048835b6e47f09a8c86882d2db320&response_mode=form_post

Therefore, my browser falls into an infinite loop.

Could anybody shed some light on how I can get over this? Thanks.

1
Have you tried turning on some debug information in IdentityServer? In The IdentityServer project within Startup.cs ConfigureServices method switch on some debugging; var builder = services.AddIdentityServer(options => { options.Events.RaiseErrorEvents = true; options.Events.RaiseInformationEvents = true; options.Events.RaiseFailureEvents = true; options.Events.RaiseSuccessEvents = true; }).AddDeveloperSigningCredential() ...etc Then run in Visual Studio and see what it outputs. - richardb

1 Answers

0
votes

If you have an issue with the ServiceStack Community NuGet package, please raise an issue with the project directly:

https://github.com/wwwlicious/servicestack-authentication-identityserver

Please also note that ServiceStack's latest v5.5 Release includes support for IdentityServer4 Auth in ServiceStack via the mvcidentityserver .NET Core project template.