I am having problems linking to Okta using MVC5 and ASP.NET - I can see from the Okta log that I successfully authenticate and my browser is redirected back to my site, but when it hits the redirected action and tries to run this line in the ExternalLoginCallback:
    Dim loginInfo As ExternalLoginInfo = Await AuthenticationManager.GetExternalLoginInfoAsync()
The loginInfo object remains null. Checking the AuthenticationManager I can see that the AuthenticationResponseGrant is also null, so I’m guessing that the login details are being lost along the way somewhere. This isn’t necessarily the case, as if I execute Await AuthenticationManager.AuthenticateAsync("ExternalCookie") then I get an AuthenticateResult object with the correct claims in it.
My Startup.Auth includes this setup:
    app.UseOktaMvc(New OktaMvcOptions With {
        .ClientId = ConfigurationManager.AppSettings("okta:ClientId"),
        .ClientSecret = ConfigurationManager.AppSettings("okta:ClientSecret"),
        .OktaDomain = ConfigurationManager.AppSettings("okta:OrgUri"),
        .RedirectUri = ConfigurationManager.AppSettings("okta:RedirectUri"),
        .PostLogoutRedirectUri = ConfigurationManager.AppSettings("okta:PostLogoutRedirectUri"),
        .GetClaimsFromUserInfoEndpoint = True,
        .Scope = New List(Of String)({"openid", "profile", "email"})
    })
And the authentication is called from a bespoke Authorize attribute that does this:
    Protected Overrides Sub HandleUnauthorizedRequest(filterContext As AuthorizationContext)
        filterContext.HttpContext.Response.TrySkipIisCustomErrors = True
        filterContext.Result = New ChallengeResult(Okta.AspNet.OktaDefaults.MvcAuthenticationType, String.Format("/Account/ExternalLoginCallback?ReturnUrl=//{0}/signin-okta", filterContext.HttpContext.Request.Url.Authority))
    End Sub
I would be grateful for any help in fixing this issue.