We Keep Coding

Blazor Server Side app won't redirect to login page after IIS WebSite is restarted

After I restart IIS Website, I get following error, instead of being redirected to login page:
blazor.server.js:1 POST https://localhost/_blazor/negotiate?negotiateVersion=1 net::ERR_ABORTED 401
when visiting https://localhost/someblazorroute.
I need to manually go to https://localhost/ and hard reload the page (in chrome Ctrl+Shift+R) in order to be redirected to login
I have following startup.cs:
public void ConfigureServices(IServiceCollection services)
{
services.Configure<IISServerOptions>(options => options.AutomaticAuthentication = false);
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.LoginPath = "/Auth/Login";
options.LogoutPath = "/Auth/Logout";
})
.AddScheme<AuthenticationSchemeOptions, BasicAuthenticationHandler >("Basic", null);
services.AddAuthorization(options =>
{
options.AddPolicy("AllowBasicAuthPolicy", policy =>
{
policy.AddAuthenticationSchemes(CookieAuthenticationDefaults.AuthenticationScheme);
policy.AddAuthenticationSchemes("Basic");
policy.RequireAuthenticatedUser();
});
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages().RequireAuthorization();
endpoints.MapBlazorHub().RequireAuthorization();
endpoints.MapFallbackToPage("/_Host");
});
}

I was facing the exact same issue and the solution to this was rather trivial.
you just need to ensure that you call for setting up Authentication, Authorization and then set default route in the right order in startup.cs as shown in the code below:
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
.
.
.
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
//this MUST come after the lines before.
app.UseMvcWithDefaultRoute();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
endpoints.MapBlazorHub();
endpoints.MapFallbackToPage("/_Host");
});
}

User.Identity with empty properties when running app on Kestrel

I have two situations during windows authentication using Active Directory domain identities:
When I running my app with IIS I'm getting object WindowsPrincipal filled with information
When I running my app with Kestrel I'm getting object ClaimsPrincipal without any informatiion about the user information
What could be the problem?
My ConfigureService:
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApplicationContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddIdentity<IdentityUser, IdentityRole>().AddRoleManager<RoleManager<IdentityRole>>()
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationContext>();
services.AddAuthentication(NegotiateDefaults.AuthenticationScheme).AddNegotiate();
services.AddAuthorization();
services.AddScoped<IUserManagementManager, UserManagementManager>();
services.AddScoped<IRolesManagementManager, RolesManagementManager>();
}
Configure:
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILogger<Startup> logger)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseResponseCaching();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Authentication}/{action=Index}");
});
}

How did you configure Windows Authentication in the Kestrel? I found that the attribute of IsAuthenticated in your image is false. This may cause you can not get any information about the ClaimsPrincipal.
You can use invoke AddAuthentication and AddNegotiate in Startup.ConfigureServices to add authentication services in Kestrel.
services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
.AddNegotiate();
More information about how to config windows Authentication in the Kestrel you can refer to this link: https://learn.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-5.0&tabs=visual-studio

has been blocked by CORS policy --why am I getting this error for post request in asp.net core?

for GET request, I got the same error and I fixed that but now for POST request again getting this error. For the GET request I fixed that by writing this in a startup.cs file. What can I do?
public void ConfigureServices(IServiceCollection services) {
services.AddCors(options => {
options.AddPolicy(name: MyAllowSpecificOrigins,
builder => {
builder.WithOrigins("https://localhost:fhfhhfh",
"https://localhost:fhfhf");
});
});
services.AddControllers();
services.AddRazorPages();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, GameUserContext db) {
if (env.IsDevelopment()) {
app.UseDeveloperExceptionPage();
}
db.Database.EnsureCreated();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseCors();
app.UseAuthorization();
app.UseCors(MyAllowSpecificOrigins);
app.UseEndpoints(endpoints => {
endpoints.MapControllers();
endpoints.MapRazorPages();
});
}

Allow POST method by extending your builder like this:
builder.WithOrigins("https://localhost:fhfhhfh", "https://localhost:fhfhf")
.WithMethods("POST", "GET");
WithMethods
Or you can allow any method:
builder.WithOrigins("https://localhost:fhfhhfh", "https://localhost:fhfhf")
.AllowAnyMethod();
AllowAnyMethod

Change app.UseCors() to app.UseCors(MyAllowSpecificOrigins);
if it is still not working
try to change your builder to builder => {
builder.WithOrigins("https://localhost:fhfhhfh",
"https://localhost:fhfhf")
.AllowAnyHeader()
.AllowAnyMethod();
});

ASP.NET Core 3.1 with Razor pages, api controllers and IdentityServer4

I'm creating a boilerplate for ASP.NET Core 3.1 projects with Razor page, api controller and IdentityServer4. The full source code is in my Github.
The configuration in the Startup.cs is
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication("Bearer")
.AddJwtBearer("Bearer", options => {
options.Authority = "https://localhost:44301";
options.RequireHttpsMetadata = false;
});
services.AddIdentityServer()
.AddDeveloperSigningCredential()
//not something we want to use in a production environment
.AddInMemoryIdentityResources(InMemoryConfig.GetIdentityResources())
.AddTestUsers(InMemoryConfig.GetUsers())
.AddInMemoryClients(InMemoryConfig.GetClients());
}
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
app.UseHsts();
}
app.UseIdentityServer();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
endpoints.MapControllers();
});
app.UseOpenApi();
app.UseSwaggerUi3();
}
I configured the IdentityServer4 with InMemoryConfig. If I use Postman, I have a valid token as result.
The problem occurs when I call the webapi from the url https://localhost:44301/api/Account. When I decorate the apicontroller with [Authorize], I'm using Postman to call it and I pass as authorization the bearer token I've just create and I already receive 404 Not Found. If I try to use Swagger for calling this function and I pass the token, there is no result.
The Swagger page is recognizing correctly all apis. Without the [Authorize] decoration I can test my apis.
When I add the authorization and I add the token to my request, Swagger doesn't show anything, oh well, 404.
I don't know if this is a configuration problem or something different.
Update
I googled a lot and I found a post on the ASP.NET core repo and I tried to update ConfigureService like
// this order seems important for .NET:
// first AddIdentityServer then AddAuthentication
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(InMemoryConfig.GetIdentityResources())
.AddTestUsers(InMemoryConfig.GetUsers())
.AddInMemoryClients(InMemoryConfig.GetClients());
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
// necessary, even if you don't use BearerAuth.
.AddJwtBearer();
then I changed
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerFactory loggerFactory)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseIdentityServer();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
// this order seems important for .NET
// first UseAuthorization and then UseAuthentication
app.UseAuthorization();
app.UseAuthentication();
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
endpoints.MapControllers();
});
app.UseOpenApi();
app.UseSwaggerUi3();
}
Now I receive 401 Unauthorized instead of 404 Non found. Apparently, ASP.NET Core redirects automatically to a login page.

User registration event ASP.NET Core 3

I've created an ASP.NET Core 3 website with all the latest updates (Visual Studio 2019). I would like to perform certain actions when a user registers but I cannot find out how to do that. I suspect that I have to hook up to an event in my start up class, but all my googling has left me in loops. Please assist. My current startup class looks like this (it's mostly the generated code)
public void ConfigureServices(IServiceCollection services)
{
services.TryAddTransient<ITokenService, CustomTokenService>();
services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<ApplicationUser>().AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer().AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddAuthentication().AddIdentityServerJwt();
services.AddControllersWithViews();
services.AddRazorPages();
services.AddSpaStaticFiles(configuration =>
{
configuration.RootPath = "ClientApp/dist";
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Error");
app.UseHsts();
}
app.UseAuthentication();
app.UseIdentityServer();
app.UseAuthorization();
app.UseHttpsRedirection();
app.UseStaticFiles();
if (!env.IsDevelopment())
{
app.UseSpaStaticFiles();
}
app.UseRouting();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(name: "default", pattern: "{controller}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
app.UseSpa(spa =>
{
spa.Options.SourcePath = "ClientApp";
if (env.IsDevelopment())
{
spa.UseAngularCliServer(npmScript: "start");
}
});
}