Having a problem with the OktaASP library persisting the successful callback and UserInfo to the HttpContext Identity.
I created used the Sample App and got that working perfectly after recoding it into the same use case as my main application.
I thought the problem with my main app would be because I was using Forms Authentication for the main workflow, so I switched the Sample App to forms Authentication, suppressed the forms redirects like i’m doing in my main app and and mirrored as much of the Start Up, Routing and App config as possible from my main App.
But the Sample app still works perfectly as required
I can see in Fiddler on the Main App all the conversation between the Okta server matching exactly a successful use case on the sample app, with access tokens and user info with verified email being transmitted correctly and received the same as in the Sample app.
The only difference I can see between the sample App and the main application is that in the Main app the HttpContext.Identity is not getting set and authenticated. Where as in the sample app this is getting appropriately set.
Which causes an infinite loop to occur.
I’ve recreated various application connections in the Okta config and swapped Id’s and secrets numerous times to make sure I wasn’t dealing with the Typo or anything in the URLs.
Unfortunately the area where I think something is going wonky where the HttpContext is getting set in the Owin libraries triggered by the Okta middle ware I don’t have access to.
No errors are being thrown.
Was wondering whether anyone had experienced a similar scenario or have pointers on where to look.