Here is a snippet.
NOTE: Ultimate deliverable is in a VB Web site Project. But the working you see is in C#.
I made ever effort to ensure the NuPgk’s are the same between the 2. The assembly references in the web.configs help show that as well.
On the working when I get the OKTA credential page, I put in my credentials and I see it goes to the OKTA domain URL (which I am showing as: https://{My OKTA DEV}.okta.com) and then it will come back to the page or whatever page I put in the login.aspx.cs under the "properties.RedirectUri = “/”; //will redirect. "
However, in the non-working…I get challenged for the OKTA credentials and when I click on the sign in I do not see going to the OKTA domain and when it comes back it has the request type of “POST” but and no information. I don’t believe it’s made the complete trip.
Working
Login.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="okta_aspnet_webforms_example.Login" %>
<script src="https://global.oktacdn.com/okta-signin-widget/5.2.0/js/okta-sign-in.min.js" type="text/javascript"></script>
<link href="https://global.oktacdn.com/okta-signin-widget/5.2.0/css/okta-sign-in.min.css" type="text/css" rel="stylesheet" />
<script src="Scripts/jquery-3.4.1.min.js" type="text/javascript"></script>
<div id="widget"></div>
<form method="POST" action="Login.aspx">
<input type="hidden" name="sessionToken" id="hiddenSessionTokenField" />
</form>
<script type="text/javascript">
var oktaDomain = '<%= System.Configuration.ConfigurationManager.AppSettings["okta:oktaDomain"].ToString() %>';
var signIn = new OktaSignIn({
baseUrl: oktaDomain
});
signIn.renderEl({ el: '#widget' }, (res) => {
var sessionTokenField = $("#hiddenSessionTokenField");
sessionTokenField.val(res.session.token);
var form = sessionTokenField.parent();
form.submit();
}, (err) => {
console.error(err);
});
</script>
Login.aspx.cs
using System;
using System.Web;
using System.Linq;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.OpenIdConnect;
#pragma warning disable SA1300 // Element should begin with upper-case letter
namespace okta_aspnet_webforms_example
#pragma warning restore SA1300 // Element should begin with upper-case letter
{
public partial class Login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (Request.RequestType == "POST" && !Request.IsAuthenticated)
{
var sessionToken = Request.Form["sessionToken"]?.ToString();
var properties = new AuthenticationProperties();
properties.Dictionary.Add("sessionToken", sessionToken);
properties.RedirectUri = "/"; //will redirect.
HttpContext.Current.GetOwinContext().Authentication.Challenge(
properties,
OpenIdConnectAuthenticationDefaults.AuthenticationType);
}
}
}
}
Startup.cs
using System.Collections.Generic;
using System.Configuration;
using System.Web;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Okta.AspNet;
using Owin;
[assembly: OwinStartup(typeof(okta_aspnet_webforms_example.Startup))]
#pragma warning disable SA1300 // Element should begin with upper-case letter
namespace okta_aspnet_webforms_example
#pragma warning restore SA1300 // Element should begin with upper-case letter
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
LoginPath = new PathString("/Login.aspx"),
});
app.UseOktaMvc(new OktaMvcOptions()
{
OktaDomain = ConfigurationManager.AppSettings["okta:OktaDomain"],
ClientId = ConfigurationManager.AppSettings["okta:ClientId"],
ClientSecret = ConfigurationManager.AppSettings["okta:ClientSecret"],
AuthorizationServerId = ConfigurationManager.AppSettings["okta:AuthorizationServerId"],
RedirectUri = ConfigurationManager.AppSettings["okta:RedirectUri"],
PostLogoutRedirectUri = ConfigurationManager.AppSettings["okta:PostLogoutRedirectUri"],
Scope = new List<string> { "openid", "profile", "email" },
LoginMode = LoginMode.SelfHosted,
});
}
}
}
web.config
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
https://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<appSettings>
<!-- 1. Replace these values with your Okta configuration -->
<add key="okta:ClientId" value="{My OKTA ClientID}" />
<add key="okta:ClientSecret" value="{My OKTA Secret}" />
<add key="okta:OktaDomain" value="https://{My OKTA DEV}.okta.com" />
<add key="okta:AuthorizationServerId" value="default" />
<!-- 2. Update the Okta application with these values -->
<add key="okta:RedirectUri" value="https://localhost:44314/authorization-code/callback" />
<add key="okta:PostLogoutRedirectUri" value="https://localhost:44314/" />
</appSettings>
<location path="Profile.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<!--
For a description of web.config changes see http://go.microsoft.com/fwlink/?LinkId=235367.
The following attributes can be set on the <httpRuntime> tag.
<system.Web>
<httpRuntime targetFramework="4.6.1" />
</system.Web>
-->
<system.web>
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.6.1" />
<pages>
<namespaces>
<add namespace="System.Web.Optimization" />
</namespaces>
<controls>
<add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" />
</controls>
</pages>
<httpModules />
<sessionState cookieless="false" timeout="360" />
</system.web>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" />
<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" />
<bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Logging" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.0.0" newVersion="6.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Tokens" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.0.0" newVersion="6.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.1.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.1.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.0.0" newVersion="6.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Protocols.OpenIdConnect" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.0.0" newVersion="6.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Protocols" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.0.0" newVersion="6.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.5.0" newVersion="4.0.5.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Runtime.CompilerServices.Unsafe" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.6.0" newVersion="4.0.6.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Buffers" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Numerics.Vectors" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.1.4.0" newVersion="4.1.4.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+" />
</compilers>
</system.codedom>
</configuration>
NOT WORKING (VB.NET, WEB SITE Project)
OKTAVAL2.aspx
<%@ Page Language="VB" AutoEventWireup="true" CodeFile="OKTAVal2.aspx.vb" Inherits="Test_Login.Test_LoginOkta" %>
<script type="text/javascript" src="/Scripts/jquery-3.4.1.min.js"></script>
<script src="https://global.oktacdn.com/okta-signin-widget/5.2.0/js/okta-sign-in.min.js" type="text/javascript"></script>
<link href="https://global.oktacdn.com/okta-signin-widget/5.2.0/css/okta-sign-in.min.css" type="text/css" rel="stylesheet" />
<div id="widget"></div>
<form method="POST" action="OKTAVal2.aspx">
<input type="hidden" name="sessionToken" id="hiddenSessionTokenField" />
</form>
<script type="text/javascript">
var oktaDomain = '<%= System.Configuration.ConfigurationManager.AppSettings("okta:oktaDomain").ToString() %>';
var signIn = new OktaSignIn({
baseUrl: oktaDomain
});
signIn.renderEl({ el: '#widget' }, (res) => {
var sessionTokenField = $("#hiddenSessionTokenField");
sessionTokenField.val(res.session.token);
var form = sessionTokenField.parent();
form.submit()
}, (err) => {
console.error(err);
});
</script>
OKTAVal2.aspx.vb
Imports System
Imports System.Web
Imports Microsoft.Owin.Security
Imports Microsoft.Owin.Security.OpenIdConnect
Namespace Test_Login
Partial Class Test_LoginOkta
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
Try
If Request.RequestType = "POST" AndAlso Not Request.IsAuthenticated Then
Dim sessionToken = If(Request.Form.Item("sessionToken") IsNot Nothing, Request.Form.Item("sessionToken").ToString, Nothing)
Dim properties = New AuthenticationProperties()
properties.Dictionary.Add("sessionToken", sessionToken)
properties.RedirectUri = "/"
HttpContext.Current.GetOwinContext().Authentication.Challenge(properties, OpenIdConnectAuthenticationDefaults.AuthenticationType)
End If
'ClientScript.RegisterStartupScript(GetType(Page), "autoPostback", ClientScript.GetPostBackEventReference(Me, String.Empty), True)
Catch ex As Exception
HttpContext.Current.Session("ErrorMessage") = "Page_Load() in /account/login.aspx.vb: " & ex.Message & " - StackTrace: " & ex.StackTrace
GeneralUtils.Trace(350, 0, 0, "Page_Load() in /account/loginokta.aspx.vb:", ex.Message & " - StackTrace: " & ex.StackTrace)
Response.Redirect("~/PageError.aspx", False)
HttpContext.Current.ApplicationInstance.CompleteRequest()
End Try
End Sub
End Class
End Namespace
Startup.vb
Imports System.Collections.Generic
Imports System.Configuration
Imports System.Web
Imports Microsoft.Owin
Imports Microsoft.Owin.Security
Imports Microsoft.Owin.Security.OpenIdConnect
Imports Microsoft.Owin.Security.Cookies
Imports Okta.AspNet
Imports Owin
<Assembly: OwinStartup(GetType(TestMe.Startup))>
Namespace TestMe
Public Class Startup
Public Sub Configuration(ByVal app As IAppBuilder)
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType)
app.UseCookieAuthentication(New CookieAuthenticationOptions() With {
.LoginPath = New PathString("/OKTAVal2.aspx")
})
app.UseOktaMvc(New OktaMvcOptions() With {
.OktaDomain = ConfigurationManager.AppSettings("okta:OktaDomain"),
.ClientId = ConfigurationManager.AppSettings("okta:ClientId"),
.ClientSecret = ConfigurationManager.AppSettings("okta:ClientSecret"),
.AuthorizationServerId = ConfigurationManager.AppSettings("okta:AuthorizationServerId"),
.RedirectUri = ConfigurationManager.AppSettings("okta:RedirectUri"),
.PostLogoutRedirectUri = ConfigurationManager.AppSettings("okta:PostLogoutRedirectUri"),
.Scope = New List(Of String) From {
"openid",
"profile",
"email"
},
.LoginMode = LoginMode.SelfHosted
})
End Sub
End Class
End Namespace
web.config
<?xml version="1.0" encoding="utf-8"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
<configSections>
<section name="Telerik.Reporting" type="Telerik.Reporting.Configuration.ReportingConfigurationSection, Telerik.Reporting, Version=16.2.22.914, Culture=neutral, PublicKeyToken=a9d7983dfcc261be" allowLocation="true" allowDefinition="Everywhere" />
</configSections>
<!-- Substitute Version=X.X.X.X with the assembly version you are using! -->
<Telerik.Reporting>
<Extensions>
<Render>
<Extension name="RTF" visible="false" />
</Render>
</Extensions>
</Telerik.Reporting>
<appSettings>
<add key="owin:AutomaticAppStartup" value="true" />
<add key="owin:AppStartup" value="Bagster.Startup" />
<!-- 1. Replace these values with your Okta configuration -->
<add key="okta:ClientId" value="{My OKTA ClientID}" />
<add key="okta:ClientSecret" value="{My OKTA Client Secret}" />
<add key="okta:OktaDomain" value="https://{My OKTA DEV}.okta.com" />
<add key="okta:AuthorizationServerId" value="default" />
<!-- 2. Update the Okta application with these values -->
<add key="okta:RedirectUri" value="https://localhost:44314/authorization-code/callback" />
<add key="okta:PostLogoutRedirectUri" value="https://localhost:44314/" />
</appSettings>
<connectionStrings>
</connectionStrings>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<!-- <httpRuntime requestValidationMode="2.0" enableVersionHeader="false" />-->
<httpRuntime targetFramework="4.6.1" enableVersionHeader="false" executionTimeout="900" />
<httpCookies sameSite="None" requireSSL="true" />
<authentication mode="Forms">
<forms requireSSL="true" />
</authentication>
<customErrors mode="Off" />
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID">
<controls>
<add tagPrefix="telerik" namespace="Telerik.Web.UI" assembly="Telerik.Web.UI" />
<add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" />
</controls>
</pages>
<httpModules />
<sessionState cookieSameSite="None" cookieless="false" timeout="360" />
</system.web>
<!--
The system.webServer section is required for running ASP.NET AJAX under Internet
Information Services 7.0. It is not necessary for previous version of IIS.
-->
<system.webServer>
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By" />
<!--Code to prevent clickjack attempts-->
<add name="X-Frame-Options" value="SAMEORIGIN" />
<add name="Content-Security-Policy" value="default-src https: data: 'unsafe-inline' 'unsafe-eval'" />
<add name="Strict-Transport-Security" value="max-age=31536000; includeSubDomains" />
<add name="X-Content-Type-Options" value="nosniff" />
<add name="X-Xss-Protection" value="1; mode=block" />
</customHeaders>
</httpProtocol>
<validation validateIntegratedModeConfiguration="false" />
<defaultDocument>
<files>
<clear />
<add value="default.aspx" />
<add value="Default.asp" />
<add value="Default.htm" />
<add value="index.htm" />
<add value="index.html" />
<add value="iisstart.htm" />
</files>
</defaultDocument>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Microsoft.WindowsAzure.Storage" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.3.0.0" newVersion="4.3.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Tokens" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.1.0" newVersion="6.5.1.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.0.0" newVersion="6.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Protocols.OpenIdConnect" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.0.0" newVersion="6.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Protocols" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.0.0" newVersion="6.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Runtime.CompilerServices.Unsafe" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.6.0" newVersion="4.0.6.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.ValueTuple" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Threading.Tasks.Extensions" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.2.0.1" newVersion="4.2.0.1" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Buffers" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Bcl.AsyncInterfaces" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.Primitives" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.1.32.0" newVersion="3.1.32.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Logging" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.1.0" newVersion="6.5.1.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.1.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.1.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.5.0" newVersion="4.0.5.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.Configuration.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.1.32.0" newVersion="3.1.32.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.DependencyInjection.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.0.0.0" newVersion="5.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.Options" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.1.32.0" newVersion="3.1.32.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.Logging.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.0.0.0" newVersion="5.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.DependencyInjection" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.0.0.0" newVersion="5.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.FileProviders.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.1.32.0" newVersion="3.1.32.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.Configuration" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.1.32.0" newVersion="3.1.32.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.FileProviders.Physical" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.1.32.0" newVersion="3.1.32.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Memory" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.1.1" newVersion="4.0.1.1" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.FileSystemGlobbing" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Extensions.Configuration.FileExtensions" publicKeyToken="adb9793829ddae60" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.1.32.0" newVersion="3.1.32.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="YamlDotNet" publicKeyToken="ec19458f3c15af5e" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-11.0.0.0" newVersion="11.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.JsonWebTokens" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.1.0" newVersion="6.5.1.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+" />
</compilers>
</system.codedom>
</configuration>
I do know in the OKTA web forms sample, the login page and everything it off the root and in the web site project that OKTAVal.aspx is in a “Test” subfolder. Could that have an issue and/or does with with the values in the web.config file of
"<add key="okta:RedirectUri" value="https://localhost:44314/authorization-code/callback" />
<add key="okta:PostLogoutRedirectUri" value="https://localhost:44314/" />"
One other things I can’t I am not sure I am understanding on with the web site project which isn’t completely working is that after get the Widget and enter the credential information (and doesn’t appear to so to the OKTA domain URL for validation) it responds with an error of the 404 on the Login.aspx page. There is no one there. The working OKTA web forms example has one but not the web project one. I am not sure how to get it to even not work with a login.aspx file or why it’s tempting that.
Any information would be greatly appreciated.