Created a developer test environment (Aries Systems-dev-723639).
Am using the verbatim code example provided at https://developer.okta.com/code/dotnet/jwt-validation.
Environment is ASP.NET (not core).
Am using the following url to get the login screen which redirects correctly to my aspx page and I can capture the returned token from the form returned - https://dev-723639.oktapreview.com/oauth2/v1/authorize?client_id=0oaiaj7t90eEXe0y20h7&redirect_uri=http://local.editorialmanager.com/jeanspec16017/AscoLoginHandler.aspx&response_type=token&scope=openid&state=‘testing’&prompt=login&nonce=‘currentnonce’&response_mode=form_post
Am then sending that token to async function as indicated in the API documentation. I’ve tried both using the authorization server url that seemed to be auto-created for me when I created my application in the development environment as well as trying just to use the ‘default’ authorization server as indicated in the documentation.
Code is as follows. I get as far as the call to the configurationManager.GetConfigurationAsync and the application/page just hangs:
private static async Task<JwtSecurityToken> ValidateAscoToken(string token)
{
try
{
var issuer = "https://dev-723639.oktapreview.com/oauth2/AriesEMApplication";
var configurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(
issuer + "/.well-known/oauth-authorization-server",
new OpenIdConnectConfigurationRetriever(),
new HttpDocumentRetriever());
var cancellationToken = default(CancellationToken);
var discoveryDocument = await configurationManager.GetConfigurationAsync(cancellationToken);
var signingKeys = discoveryDocument.SigningKeys;
var validationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = issuer,
ValidateIssuerSigningKey = true,
IssuerSigningKeys = signingKeys,
ValidateLifetime = true,
ClockSkew = TimeSpan.FromMinutes(1)
};
var principal =
new JwtSecurityTokenHandler().ValidateToken(token, validationParameters, out var rawValidatedToken);
return (JwtSecurityToken) rawValidatedToken;
}
catch (Exception AnyError)
{
var anyError = AnyError;
return null;
}
}
Below is the logged network traffic after the configurationManager.GetConfigurationAsync(cancellationToken) is called:
- Request URL:
ws://localhost:58854/08884e9bd8cd4738bc5b3330e9da6107/browserLinkSignalR/connect?transport=webSockets&connectionToken=AQAAANCMnd8BFdERjHoAwE%2FCl%2BsBAAAAPIUHyqtR3kWPwR9Ugd4FYQAAAAACAAAAAAADZgAAwAAAABAAAACkPPj1aPJ5Xjki2b%2BPQ2oZAAAAAASAAACgAAAAEAAAANZfdzhnU8acUjUEE6iyvykoAAAANj%2FqYLgHwUeI02jSNGZ1XfnK0a3kiUn%2B7FbDUSw4TaBi0r9DiwG2SBQAAAC3UQuzTe1UglBgfN%2FkrIIZt1u42w%3D%3D&requestUrl=http%3A%2F%2Flocal.editorialmanager.com%2Fjeanspec16017%2FAscoLoginHandler.aspx&browserName=Chrome&userAgent=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F70.0.3538.110+Safari%2F537.36&tid=0
- Request Method:
GET
- Status Code:
101 Switching Protocols
-
Response Headersview source
-
Access-Control-Allow-Credentials:
true
- Access-Control-Allow-Origin:
http://local.editorialmanager.com
- Connection:
Upgrade
- Date:
Mon, 17 Dec 2018 16:35:42 GMT
- Sec-WebSocket-Accept:
xIRoXHHZi2MsKlx5R14ZnM6uk+E=
- Server:
Microsoft-HTTPAPI/2.0
- Upgrade:
websocket
- X-Content-Type-Options:
nosniff
-
Request Headersview source
-
Accept-Encoding:
gzip, deflate, br
- Accept-Language:
en-US,en;q=0.9
- Cache-Control:
no-cache
- Connection:
Upgrade
- Host:
localhost:58854
- Origin:
http://local.editorialmanager.com
- Pragma:
no-cache
- Sec-WebSocket-Extensions:
permessage-deflate; client_max_window_bits
- Sec-WebSocket-Key:
415zqspz0wk2hZloaSVntQ==
- Sec-WebSocket-Version:
13
- Upgrade:
websocket
- User-Agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
-
Query String Parametersview sourceview URL encoded
-
transport:
webSockets
- connectionToken:
AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAPIUHyqtR3kWPwR9Ugd4FYQAAAAACAAAAAAADZgAAwAAAABAAAACkPPj1aPJ5Xjki2b+PQ2oZAAAAAASAAACgAAAAEAAAANZfdzhnU8acUjUEE6iyvykoAAAANj/qYLgHwUeI02jSNGZ1XfnK0a3kiUn+7FbDUSw4TaBi0r9DiwG2SBQAAAC3UQuzTe1UglBgfN/krIIZt1u42w==
- requestUrl:
http://local.editorialmanager.com/jeanspec16017/AscoLoginHandler.aspx
- browserName:
Chrome
- userAgent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
- tid:
0