问题
I have the following client set up in IdentityServer:
new Client
{
ClientName = "My web application",
Enabled = true,
ClientId = "mywebapp",
ClientSecrets = new List<ClientSecret>
{
new ClientSecret("somesecret")
},
Flow = Flows.Hybrid,
ClientUri = "https://app.mydomain.com",
RedirectUris = new List<string>
{
"oob://localhost/wpfclient",
"http://localhost:2672/",
"https://app.mydomain.com"
}
}
And it is hosted online, let's say https://auth.mydomain.com/core.
Trying to modify the MVC OWIN Client (Hybrid) sample client to log-in to the above identity server, in Startup.cs I modified the ClientId, ClientSecret and RedirectUri to match the client settings in IdSrv. Now when I try to navigate to a page that requires authorization, I am redirected to IdentityServer's URL. When I log-in, the breakpoint hits at AuthorizationCodeReceived notification in the client's Startup.cs and then gets into a loop. The browser's status shows:
Waiting for localhost...
Waitnig for auth.mydomain.com...
Waiting for localhost...
Waitnig for auth.mydomain.com...
...
and so on and never finishes the log-in. Why is this happening? Please help.
Thanks!
回答1:
Most probably this is caused by mixing http and https in redirects. Please use one scheme consistently and check the scheme on browser address-bar.
来源:https://stackoverflow.com/questions/29780627/identityserver-gets-into-infinite-loop-of-authentication