Infinite Redirect To Login Page instead of going to Callback Page With Auth Code

Questions OAuth/OIDC
1

Hi There,

Code
Code1104×414 42 KB

I have this function which returns challenge and goes to Callback function(not shown here).
However Callback function call is initiated with code and state(seen in the browser console), but shows 302 redirect error.

Browser
Browser1875×537 43.9 KB

OIDC_Settings
OIDC_Settings1059×539 93 KB

The callback would get hit if we remove the ASP IdentityCore Package from Project, when this package is removed, then HttpContext.User.Identity.IsAuthenticated be true and everything works fine as expected, hitting the callback function with code.

However I want to implement custom login as well(for users/clients who doesnt want Login through Okta). Can anybody help, its been few and it is really frustating that I couldnt find anything such as Okta Initiated login flow and normal login flow through same web application anywhere. Please post if there is any…

2

Hi @anishme,

Instead of using .AddCookie()

Try:

.AddCookie(options => { options.Cookie.SameSite = SameSiteMode.None; options.Cookie.SecurePolicy = CookieSecurePolicy.Always; options.Cookie.IsEssential = true; });

It looks like the polices are not setup and the default values are causing the loop.

1 Like
3

Hey Regis,

Thanks for the suggestion as I atleast came to know the cause of issue about the issue but it is still not working.
Actually, I am using Asp Identity for Custom traditional Login(with Cookie Authentication) and the cookie settings is registered for it as well(shown below screen).
Its really wierd that not much resources are found when we try to use Mixed Mode of Authentication, where we want traditional login and Okta initiated login both with Dot Net Core MVC Application.

image
image878×95 14.9 KB

4

When setting the cookie, you should set the samesite policy to None:

  • Cookies without SameSite header are treated as SameSite=Lax by default.
  • SameSite=None must be used to allow cross-site cookie use.
1 Like
5

I’m working in the exact same issue - login using OKTA or login using AspNet Identity.
My code also goes through the same infinite loop.

I followed thia guide

Then I setup aspnet identity, scaffolded the login page.
Login via aspnet works perfectly.

In my code ‘if’ I remove “builder.Services.AddDefaultIdentity” the infinite loop goes away and OKTA signin works, but then I lose aspnet login.

Is there any definitive solution to this?

6

Hi there,

I used following for a work around.
You can try this:

image
image1055×248 55.6 KB

7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.