aspnetcore: Blazor WASM hosted on IIS 10 log in exception for some users.
Describe the bug
I`m using blazor webassembly with authorization on IdentityServer (as from the box). Now app published on IIS 10. And 4 user of 200+ registered when login has this error:
Some of them use Google Chrome, some Mozilla Firefox
To Reproduce
I can’t reproduce that. For them reauthorize doesn`t help (also cache clearing) but they can log in from other devices.
Exceptions
When I login myself (withoit error). Browser console log: All Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[1] have index ‘[1]’.
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[1]
Authorization was successful.
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.LogicalHandler[100]
Start processing HTTP request POST .../Course.Course/GetCourseIndex
blazor.webassembly.js:1 info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[1]
Authorization was successful.
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.LogicalHandler[100]
Start processing HTTP request POST .../UserInfo.UserInfo/GetCurrentUserShortName
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.ClientHandler[100]
Sending HTTP request POST .../Course.Course/GetCourseIndex
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.ClientHandler[100]
Sending HTTP request POST .../UserInfo.UserInfo/GetCurrentUserShortName
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.ClientHandler[101]
Received HTTP response after 243.53ms - OK
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.LogicalHandler[101]
End processing HTTP request after 489.965ms - OK
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.ClientHandler[101]
Received HTTP response after 379.355ms - OK
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.LogicalHandler[101]
End processing HTTP request after 784.4049ms - OK
blazor.webassembly.js:1 info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[1]
Authorization was successful.
When I log in as user who has error (I don`t have error but anyway) some of Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2] (have number 2 and failed).
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[1]
Authorization was successful.
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.LogicalHandler[100]
Start processing HTTP request POST .../Course.Course/GetCourseIndex
blazor.webassembly.js:1 info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed.
blazor.webassembly.js:1 info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[1]
Authorization was successful.
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.LogicalHandler[100]
Start processing HTTP request POST .../UserInfo.UserInfo/GetCurrentUserShortName
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.ClientHandler[100]
Sending HTTP request POST .../Course.Course/GetCourseIndex
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.ClientHandler[100]
Sending HTTP request POST .../UserInfo.UserInfo/GetCurrentUserShortName
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.ClientHandler[101]
Received HTTP response after 203.9549ms - OK
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.LogicalHandler[101]
End processing HTTP request after 511.6849ms - OK
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.ClientHandler[101]
Received HTTP response after 233.73ms - OK
blazor.webassembly.js:1 info: System.Net.Http.HttpClient.AuthCenter.gRPC.LogicalHandler[101]
End processing HTTP request after 437.115ms - OK
blazor.webassembly.js:1 info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed.
But on screenshot from the user I see only failed with number 2 and none of DefaultAuthorizationService[1] (I apologize for the quality of the screenshot, it was sent by the user):
A bit of code
Program.cs
var builder = WebAssemblyHostBuilder.CreateDefault(args);
builder.RootComponents.Add<App>("app");
builder.Services.AddHttpClient("AuthCenter.ServerAPI", client => client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))
.AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();
builder.Services.AddHttpClient("AuthCenter.gRPC", client => client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))
.ConfigurePrimaryHttpMessageHandler(() => new GrpcWebHandler(GrpcWebMode.GrpcWeb, new HttpClientHandler()))
.AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();
builder.Services.AddTransient(sp => sp.GetRequiredService<IHttpClientFactory>().CreateClient("AuthCenter.ServerAPI"));
builder.Services.AddOptions();
builder.Services.AddAuthorizationCore();
builder.Services.AddApiAuthorization(options =>
{
options.UserOptions.RoleClaim = "role";
}).AddAccountClaimsPrincipalFactory<RolesClaimsPrincipalFactory>(); ;
builder.Services.AddScoped<ICurrentUserService, CurrentUserService>();
builder.Services.AddScoped(services =>
{
var httpClient = services.GetRequiredService<IHttpClientFactory>().CreateClient("AuthCenter.gRPC");
var channel = GrpcChannel.ForAddress(httpClient.BaseAddress, new GrpcChannelOptions { HttpClient = httpClient });
return new UserInfo.UserInfoClient(channel);
});
builder.Services.AddScoped(services =>
{
var httpClient = services.GetRequiredService<IHttpClientFactory>().CreateClient("AuthCenter.gRPC");
var channel = GrpcChannel.ForAddress(httpClient.BaseAddress, new GrpcChannelOptions { HttpClient = httpClient });
return new Course.CourseClient(channel);
});
builder.Services.AddScoped(services =>
{
var httpClient = services.GetRequiredService<IHttpClientFactory>().CreateClient("AuthCenter.gRPC");
var channel = GrpcChannel.ForAddress(httpClient.BaseAddress, new GrpcChannelOptions { HttpClient = httpClient });
return new StudyGroups.StudyGroupsClient(channel);
});
builder.Services.AddBlazoredModal();
builder.Services.AddBlazoredToast();
builder.Services.AddScoped<IToastService, ToastService>();
await builder.Build().RunAsync();
RolesClaimsPrincipalFactory.cs
public class RolesClaimsPrincipalFactory : AccountClaimsPrincipalFactory<RemoteUserAccount>
{
public RolesClaimsPrincipalFactory(IAccessTokenProviderAccessor accessor) : base(accessor)
{
}
public override async ValueTask<ClaimsPrincipal> CreateUserAsync(RemoteUserAccount account, RemoteAuthenticationUserOptions options)
{
var user = await base.CreateUserAsync(account, options);
if (user.Identity.IsAuthenticated)
{
var identity = (ClaimsIdentity)user.Identity;
var roleClaims = identity.FindAll(identity.RoleClaimType);
if (roleClaims != null && roleClaims.Any())
{
foreach (var existingClaim in roleClaims)
{
identity.RemoveClaim(existingClaim);
}
var rolesElem = account.AdditionalProperties[identity.RoleClaimType];
if (rolesElem is JsonElement roles)
{
if (roles.ValueKind == JsonValueKind.Array)
{
foreach (var role in roles.EnumerateArray())
{
identity.AddClaim(new Claim(options.RoleClaim, role.GetString()));
}
}
else
{
identity.AddClaim(new Claim(options.RoleClaim, roles.GetString()));
}
}
}
}
return user;
}
}
Further technical details
dotnet --info Џ ЄҐв SDK ¤«п .NET Core (®ва ¦ ойЁ© «оЎ®© global.json): Version: 3.1.301 Commit: 7feb845744
‘। ўлЇ®«ҐЁп: OS Name: Windows OS Version: 10.0.18363 OS Platform: Windows RID: win10-x64 Base Path: C:\Program Files\dotnet\sdk\3.1.301\
Host (useful for support): Version: 3.1.5 Commit: 65cd789777
.NET Core SDKs installed: 2.1.202 [C:\Program Files\dotnet\sdk] 2.1.402 [C:\Program Files\dotnet\sdk] 2.1.403 [C:\Program Files\dotnet\sdk] 2.1.502 [C:\Program Files\dotnet\sdk] 2.1.505 [C:\Program Files\dotnet\sdk] 2.2.101 [C:\Program Files\dotnet\sdk] 3.1.101 [C:\Program Files\dotnet\sdk] 3.1.301 [C:\Program Files\dotnet\sdk]
.NET Core runtimes installed: Microsoft.AspNetCore.All 2.1.4 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.All 2.1.5 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.All 2.1.6 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.All 2.1.9 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.All 2.1.15 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.All 2.1.19 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.All 2.2.0 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.All 2.2.8 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.App 2.1.4 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 2.1.5 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 2.1.6 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 2.1.9 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 2.1.15 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 2.1.19 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 2.2.0 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 2.2.8 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 3.1.1 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.AspNetCore.App 3.1.5 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.NETCore.App 2.0.9 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.4 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.5 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.6 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.9 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.15 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.1.19 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.2.0 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 2.2.8 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 3.1.1 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.NETCore.App 3.1.5 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App] Microsoft.WindowsDesktop.App 3.1.1 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App] Microsoft.WindowsDesktop.App 3.1.5 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
VisualStudio.16.Release/16.6.2+30204.135
ASP.NET and Web Tools 2019 16.6.948.25768 ASP.NET and Web Tools 2019
ASP.NET Core Razor Language Services 16.1.0.2020603+b3ac44798c16fff5b95dbcfe62dea84aa9a1bd72 Provides languages services for ASP.NET Core Razor.
I’m sorry if I did something wrong, for a week now we can’t find the cause of this problem.
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 23 (7 by maintainers)
@rayder2007 Unfortunately no. For some users help to set correct time but not all users contact support. We have to use a classic website in parallel for such users.
We’ve moved this issue to the Backlog milestone. This means that it is not going to be worked on for the coming release. We will reassess the backlog following the current release and consider this item at that time. To learn more about our issue management process and to have better expectation regarding different types of issues you can read our Triage Process.