I made no changes to the code other than to set the proper values within the Web.config file.
I am getting the following error. Any ideas?
Server Error in ‘/’ Application.
Not Found
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Exception: Not Found
Source Error:
Line 60: if (tokenResponse.IsError)
Line 61: {
Line 62: throw new Exception(tokenResponse.Error);
Line 63: }
Line 64:
You might have an incorrect value in Web.config. Which values did you update? Can you paste the relevant part of Web.config here (but blank out the values for security)?
Response status code does not indicate success: 401 (Unauthorized).
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Net.Http.HttpRequestException: Response status code does not indicate success: 401 (Unauthorized).
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[HttpRequestException: Response status code does not indicate success: 401 (Unauthorized).]
System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode() +225
Microsoft.IdentityModel.Protocols.d__8.MoveNext() +378
[IOException: IDX20804: Unable to retrieve document from: ‘[PII is hidden by default. Set the ‘ShowPII’ flag in IdentityModelEventSource.cs to true to reveal it.]’.]
Microsoft.IdentityModel.Protocols.d__8.MoveNext() +666
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +61
Microsoft.IdentityModel.Protocols.OpenIdConnect.d__3.MoveNext() +291
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +61
System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task) +25
Microsoft.IdentityModel.Protocols.d__24.MoveNext() +1129
Since you’re hitting the challenge and not seeing the Okta Login screen, maybe you need to add your dev site to your CORS options in Okta?
In the developer view in Okta admin, go to API->Trusted Origins and make sure you have an entry for your development environment (http://localhost:62446, for example - your port number will probably be different)
@paul.leblond, you were right in that I was missing that entry. I added it and still get that same error above. So, I thought that maybe it was the “localhost” not being able to work, so I poked a hole in my firewall and provided an external IP that forwarded to my development box. While I can successfully hit the website using that external IP, I still get the errors. btw, I did update the application in all places where the URI was referenced to the external IP.
I appreciate you sticking with me on this to help troubleshoot.
I don’t see anything that jumps out at me as incorrect. Just so I’m understanding the situation: You can start the site, and the index comes back. When you click to login, that’s when you get the error.
Some things to try:
Check the browser’s console log. Are there any errors thrown there when you try to logon?
I haven’t run this project, but the docs say that it’s configured to run on port 8080. I’d make sure there’s not still a reference to 8080 somewhere if you’re using a custom port.
I agree with @paul.leblond - can you post a screenshot of your browser’s network log? That would help determine if it is a configuration problem, or something else.
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Threading.Tasks;
    using Microsoft.IdentityModel.Protocols;
    using Microsoft.IdentityModel.Protocols.OpenIdConnect;
    using Microsoft.IdentityModel.Tokens;
    using Microsoft.Owin;
    using Microsoft.Owin.Security;
    using Microsoft.Owin.Security.Jwt;
    using Owin;

    namespace OktaAPI
    {
        public class Startup
        {
            public void Configuration(IAppBuilder app)
            {
                // Configure JWT Bearer middleware
                // with an OpenID Connect Authority
                var authority = "https://dev-XXXXXX.oktapreview.com/oauth2/default";
                var configurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(
                    authority + "/.well-known/openid-configuration",
                    new OpenIdConnectConfigurationRetriever(),
                    new HttpDocumentRetriever());

                app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
                {
                    AuthenticationMode = AuthenticationMode.Active,
                    TokenValidationParameters = new TokenValidationParameters
                    {
                        ValidAudience = "api://default",
                        ValidIssuer = authority,
                        IssuerSigningKeyResolver = (token, securityToken, identifier, parameters) =>
                        {
                            var discoveryDocument = Task.Run(() => configurationManager.GetConfigurationAsync()).GetAwaiter().GetResult();
                            return discoveryDocument.SigningKeys;
                        }
                    }
                });
            }
        }
    }
Resolved for me. I had to enable the latest TLS because I’m using .NET 4.5.1. This is done by putting this as the first line in Configuration in Startup.cs:
I tried to apply the suggested solutions but I’m still running into the same problem. I’m currently targeting net461 so the ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls; is not applicable.
I’ve created a Trusted Origin enabling CORS and Redirect, and am still running into the same problem. I’m using localhost:8080.
[HttpRequestException: Response status code does not indicate success: 401 (Unauthorized).]
System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode() +224
Microsoft.IdentityModel.Protocols.d__8.MoveNext() +376
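A pre-flight check for the IDX20804 / 401 failure discussed in this thread, as an added example that is not part of any post or of the Okta sample. `DiscoveryPreflight` is a hypothetical helper name, the authority passed in is whatever placeholder value is in your own configuration, and the TLS line enables only TLS 1.2 rather than the three-protocol line quoted above.

```csharp
using System;
using System.Diagnostics;
using System.Net;
using System.Net.Http;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Logging;

namespace OktaAPI
{
    // Hypothetical helper (not in the Okta sample). Call
    // DiscoveryPreflight.Run(authority) as the first statement of
    // Startup.Configuration, before the JWT bearer middleware is registered.
    public static class DiscoveryPreflight
    {
        public static void Run(string authority)
        {
            // Add TLS 1.2 to the protocols this process may negotiate. Older
            // .NET Framework targets do not offer it by default.
            ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;

            // Development only: lets IDX20804 print the URL it failed to fetch
            // instead of "[PII is hidden by default ...]". Remove before deploying.
            IdentityModelEventSource.ShowPII = true;

            var metadataUrl = authority.TrimEnd('/') + "/.well-known/openid-configuration";
            using (var http = new HttpClient())
            {
                HttpResponseMessage response;
                try
                {
                    // Task.Run mirrors the posted Startup: block on the call
                    // without capturing the ASP.NET synchronization context.
                    response = Task.Run(() => http.GetAsync(metadataUrl)).GetAwaiter().GetResult();
                }
                catch (HttpRequestException ex)
                {
                    // No HTTP status at all: the failure is below HTTP (DNS,
                    // proxy or TLS handshake). The inner exception names which.
                    throw new InvalidOperationException("Transport failure fetching " + metadataUrl, ex);
                }

                Trace.TraceInformation("GET {0} -> {1}", metadataUrl, (int)response.StatusCode);
                if (!response.IsSuccessStatusCode)
                {
                    // A status such as 401 means the server answered, so compare
                    // the URL in the message with the authority configured in Okta.
                    throw new InvalidOperationException(
                        "Discovery document returned " + (int)response.StatusCode + " for " + metadataUrl);
                }
            }
        }
    }
}
```

Because the failure is raised at startup with the full URL in the message, a wrong authority value shows up before the first login attempt rather than inside the middleware stack trace.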
Hi Nate/Folks,
I am running an Asp.Net webform application for OKTA login but am facing an issue after clicking the Login button. Once I click the Login button, the error below occurs: if (tokenResponse.IsError) { throw new Exception(tokenResponse.Error); }
Please find screenshots for the same.
Please help me out, or share any suggestions if you have them.
Also getting the same 401 unauthorized errors, having followed the directions for both okta-hosted and self-hosted ASP applications at https://github.com/okta/samples-aspnet. Installed both solutions via VS, added web applications to Okta as OpenID applications, got the resulting client/secret codes which we added to webconfig along with our *.okta.com domain name. These two test sites run on my own machine as localhost:8080 and localhost:8081. Both of those are listed in trusted Origins under Okta Dashboard -> CORS.
The 401 errors occur at different points: 1) For the okta-hosted login page, the error occurs when clicking “Log in” at the top right (never gets to a login page). 2) For the self-hosted login application, the login page does correctly appear when you click Log In, but doesn’t get populated by Okta, and completing the username and password manually then results in the 401 error.