We have set up hosted widget in our Asp.net MVC .net framework 4.8 application as following:
public ActionResult Login()
{
if (!HttpContext.User.Identity.IsAuthenticated)
{
HttpContext.GetOwinContext().Authentication.Challenge(
OktaDefaults.MvcAuthenticationType);
return new HttpUnauthorizedResult();
}
return RedirectToAction("Index", "Home");
}
our startup.cs looks like this:
public void Configuration(IAppBuilder app)
{
var oktaOn = true;
if (!oktaOn) { return; }
AntiForgeryConfig.UniqueClaimTypeIdentifier = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier";
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions {
CookieSameSite = SameSiteMode.None,
CookieSecure = CookieSecureOption.Always,
AuthenticationType = "Cookies",
AuthenticationMode = AuthenticationMode.Active,
});
app.UseOktaMvc(new OktaMvcOptions()
{
OktaDomain = ConfigurationManager.AppSettings["okta:OktaDomain"],
ClientId = ConfigurationManager.AppSettings["okta:ClientId"],
ClientSecret = ConfigurationManager.AppSettings["okta:ClientSecret"],
AuthorizationServerId = ConfigurationManager.AppSettings["okta:AuthorizationServerId"],
RedirectUri = ConfigurationManager.AppSettings["okta:RedirectUri"],
PostLogoutRedirectUri = ConfigurationManager.AppSettings["okta:PostLogoutRedirectUri"],
GetClaimsFromUserInfoEndpoint = true,
Scope = new List<string> { "openid", "profile", "email" },
ClockSkew = TimeSpan.FromMinutes(6.0) // increase clockskew for drifting computer time
});
}
Everything is working locally. We log in using Okta hosted widget but once we publish to other environment it stops working.
We seem to get stuck when authentication occurs and app is trying to go to Home/Index
It just spins at the above URL for 15 minutes then we se the following message
The requested URL was rejected. Please consult with your administrator.
Your support ID is: 5188020406062XXXXXX
[[Go Back]]
Please help