Blazor 8 after passing authentication check the browser appears to keep reauthenticating...

[GX2AG]

Which version of Duende IdentityServer are you using?
6

Which version of .NET are you using?
8

Describe the bug
I have a Blazor Server app that, after I authenticate with Identity Server, the progress spinner for the tab keeps restarting and the page stays white and never routes.

A clear and concise description of what the bug is.
When the user open a page that has the Authorize Attribute, they are routed to the Identity Server login. After completing the login, where they should be routed back to the site, the browser tab appears to keep resubmitting the auth request over and over. The log file quickly grows with login attempts. This also occurs on the Duende Test Api.

To Reproduce

Steps to reproduce the behavior.

See included video

msedge_HzJAwhU8qH.mp4

Expected behavior

A clear and concise description of what you expected to happen.

I expected the page to be authenticated and the user routed to the page.

Log output/exception with stacktrace

data

Additional context

Add any other context about the problem here.

[josephdecock]

This looks like session at the blazor application is not starting, but the session at IdentityServer is starting. So, you're getting redirected back and forth endlessly - the blazor app has no session, issues a challenge, you're redirected to IdentityServer, IdentityServer has a session, so it immediately responds with a token, then the app fails to start its own session and instead issues another challenge, and this behavior loops indefinitely.

I'm not sure why your application isn't starting its session correctly, but a good place to start is our documentation on blazor server applications in the Duende.AccessTokenManagement client library, and the accompanying sample application.

[AndersAbel]

@GX2AG Do you have any updates on this? Any more questions? If not, we'd like to close the issue.

[GX2AG]

I think I have gotten past the first part of this. Now I am stuck on a different issue. I will update the ticket with the details shortly. Thanks, George Georgiades Missions Software Engineering Manager AG National Office <https://ag.org/> | (417) 862-2781 x. 4624 [A picture containing text, sign, outdoor Description automatically generated] From: Anders Abel ***@***.***> Date: Tuesday, January 16, 2024 at 6:22 AM To: DuendeSoftware/Support ***@***.***> Cc: Georgiades, George ***@***.***>, Mention ***@***.***> Subject: Re: [DuendeSoftware/Support] Blazor 8 after passing authentication check the browser appears to keep reauthenticating... (Issue #1032) [EXTERNAL EMAIL] @GX2AG<https://github.com/GX2AG> Do you have any updates on this? Any more questions? If not, we'd like to close the issue. — Reply to this email directly, view it on GitHub<#1032 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/BAVZWKC2T274L3LY6GGVF4LYOZWGNAVCNFSM6AAAAABAMZ6YKWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQOJTGYZTMNBRGI>. You are receiving this because you were mentioned.Message ID: ***@***.***>

[GX2AG]

When I log into the site form the homepage, I can get authenticated and routed back to the home page. The site does not know that I have authenticated until I route somewhere else in the site. I am not sure why routing back would not know I am authenticated now.

In addition, If I initially route to a different page from the home page, I get the spinning call back stuff again. It seems that I have to route to the home page to log in. Why can I not route to a different page and get authenticated?

[josephdecock]

Sorry for the delay in getting back to you @GX2AG! We are actively working on an update to the BFF and new samples to show how to solve auth issues in blazor with .NET 8, which I'm hoping will help you as well. For more details on my thoughts about the problems we're working on, see this comment, and this open issue in our samples repo. In the interest of keeping things organized, I'm closing this along with some other related issues, but feel free to provide feedback and comments in (DuendeSoftware/Samples#142)