I recently tried to follow the tutorial found here to set up Okta with my Blazor App. I've tried Okta with ASP.NET Core 3.1 React SPAs before, but I wanted to see if Okta would be a good fit for the app. I implemented this within my app and within a test app, and I am receiving the following error:
fail: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1]
An unhandled exception has occurred while executing the request.
System.InvalidOperationException: Provide Authority, MetadataAddress, Configuration, or ConfigurationManager to OpenIdConnectOptions
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectOptions.Validate()
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationOptions.Validate(String scheme)
at Microsoft.AspNetCore.Authentication.AuthenticationBuilder.<>c__DisplayClass4_0`2.<AddSchemeHelper>b__1(TOptions o)
at Microsoft.Extensions.Options.ValidateOptions`1.Validate(String name, TOptions options)
at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
at Microsoft.Extensions.Options.OptionsMonitor`1.<>c__DisplayClass11_0.<Get>b__0()
at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
at System.Lazy`1.CreateValue()
at System.Lazy`1.get_Value()
at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
at Microsoft.Extensions.Options.OptionsMonitor`1.Get(String name)
at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.InitializeAsync(AuthenticationScheme scheme, HttpContext context)
at Microsoft.AspNetCore.Authentication.AuthenticationHandlerProvider.GetHandlerAsync(HttpContext context, String authenticationScheme)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Here is the code within the ConfigureServices method in Startup.cs:
services.AddAuthentication(sharedOptions =>
{
    sharedOptions.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    sharedOptions.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddOpenIdConnect(options =>
{
    options.ClientId = Configuration["Okta:ClientId"];
    options.ClientSecret = Configuration["Okta:ClientSecret"];
    options.CallbackPath = "/authorization-code/callback";
    options.Authority = Configuration["Okta:Issuer"];
    options.ResponseType = "code";
    options.SaveTokens = true;
    options.Scope.Add("openid");
    options.Scope.Add("profile");
    options.TokenValidationParameters.ValidateIssuer = false;
    options.TokenValidationParameters.NameClaimType = "name";
})
.AddCookie();
Here is the code within Configure.cs after app.UseRouting:
//Add Auth to app
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
    //Add MapControllers to app
    endpoints.MapControllers();
    endpoints.MapBlazorHub();
    endpoints.MapFallbackToPage("/_Host");
});
Here is my edited appsettings.json file:
"Okta": {
  "ClientId": "0oa3lp7cylcqF4WkC357",
  "ClientSecret": "P5aoS-NahXAo74M-b4c2wUmxv_IOCGgyNYwYdVQT",
  "OktaDomain": "https://dev-715227.okta.com"
}
I can see the variables being loaded, but obviously it is failing to authenticate. I believe that I have the app in the admin console set up accordingly:
Allowed grant types: Authorization Code
Login redirect URIs: https://localhost:5001/authorization-code/callback
Logout redirect URIs: https://localhost:5001/signout-callback-oidc
Initiate login URI: https://localhost:5001/authorization-code/callback
Have I misunderstood something? I can create a repo with the issue in GitHub for review if preferred.
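
The exception in the post is raised when `OpenIdConnectOptions` ends up with no `Authority`; the posted Startup code reads that value from `Okta:Issuer`, while the posted appsettings.json defines `OktaDomain` and no `Issuer`. The following is an added example, not part of the original post or of Okta's or Microsoft's code: a check that lists missing or unusable `Okta:*` keys so the mismatch shows up before the first request. `OktaConfigCheck` is a hypothetical helper, the sample values are constructed placeholders, and the Microsoft.Extensions.Configuration package is assumed to be referenced (as it is in an ASP.NET Core app).

```csharp
using System;
using System.Collections.Generic;
using Microsoft.Extensions.Configuration;

// Hypothetical helper (not part of Okta's SDK or ASP.NET Core): reports which
// "Okta:*" keys read by the AddOpenIdConnect setup are missing or unusable.
public static class OktaConfigCheck
{
    // Keys the posted Startup code reads via Configuration["Okta:..."].
    private static readonly string[] RequiredKeys = { "ClientId", "ClientSecret", "Issuer" };

    public static IReadOnlyList<string> FindProblems(IConfiguration configuration)
    {
        var problems = new List<string>();
        var okta = configuration.GetSection("Okta");

        foreach (var key in RequiredKeys)
            if (string.IsNullOrWhiteSpace(okta[key]))
                problems.Add($"Okta:{key} is missing or empty");

        // By default (RequireHttpsMetadata = true) the authority must be an
        // absolute https URL so the discovery document can be fetched from it.
        var issuer = okta["Issuer"];
        if (!string.IsNullOrWhiteSpace(issuer) &&
            !(Uri.TryCreate(issuer.Trim(), UriKind.Absolute, out var uri) && uri.Scheme == Uri.UriSchemeHttps))
            problems.Add("Okta:Issuer is not an absolute https URL");

        return problems;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample with the same shape as the posted appsettings.json:
        // OktaDomain is set, Issuer is not. All values are placeholders.
        var configuration = new ConfigurationBuilder()
            .AddInMemoryCollection(new Dictionary<string, string>
            {
                ["Okta:ClientId"] = "placeholder-client-id",
                ["Okta:ClientSecret"] = "placeholder-client-secret",
                ["Okta:OktaDomain"] = "https://example.okta.com"
            })
            .Build();
        foreach (var problem in OktaConfigCheck.FindProblems(configuration))
            Console.WriteLine(problem);
    }
}
```

In an application, the same call can run at the top of `ConfigureServices` and throw if the returned list is not empty.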