Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://XXX.onmicrosoft.com/XXX_SignUp_SignIn/v2.0/.well-known/openid-configuration'. #702

Open
16 tasks
jimmathew999 opened this issue Jun 1, 2023 · 5 comments
Open
16 tasks

System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://XXX.onmicrosoft.com/XXX_SignUp_SignIn/v2.0/.well-known/openid-configuration'. #702

jimmathew999 opened this issue Jun 1, 2023 · 5 comments
Labels
question Further information is requested

Comments

@jimmathew999
Copy link

jimmathew999 commented Jun 1, 2023
edited
Loading

Please provide us with the following information:

This issue is for a: (mark with an x)

- [x ] bug report -> please search issues before submitting
- [ ] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

The issue was found for the following scenario:

Please add an 'x' for the scenario(s) where you found an issue

  1. Web app that signs in users
    1. with a work and school account in your organization: 1-WebApp-OIDC/1-1-MyOrg
    2. with any work and school account: /1-WebApp-OIDC/1-2-AnyOrg
    3. with any work or school account or Microsoft personal account: 1-WebApp-OIDC/1-3-AnyOrgOrPersonal
    4. with users in National or sovereign clouds 1-WebApp-OIDC/1-4-Sovereign
    5. [x ] with B2C users 1-WebApp-OIDC/1-5-B2C
  2. Web app that calls Microsoft Graph
    1. Calling graph with the Microsoft Graph SDK: 2-WebApp-graph-user/2-1-Call-MSGraph
    2. With specific token caches: 2-WebApp-graph-user/2-2-TokenCache
    3. Calling Microsoft Graph in national clouds: 2-WebApp-graph-user/2-4-Sovereign-Call-MSGraph
  3. Web app calling several APIs 3-WebApp-multi-APIs
  4. Web app calling your own Web API
    1. with a work and school account in your organization: 4-WebApp-your-API/4-1-MyOrg
    2. with B2C users: 4-WebApp-your-API/4-2-B2C
    3. with any work and school account: 4-WebApp-your-API/4-3-AnyOrg
  5. Web app restricting users
    1. by Roles: 5-WebApp-AuthZ/5-1-Roles
    2. by Groups: 5-WebApp-AuthZ/5-2-Groups
  6. Deployment to Azure
  7. Other (please describe)

Repro-ing the issue

Repro steps

I have registered my app and when I tried to access, I'm getting following error...

I'm accessing through proxy due to security restrictions. also enabled TL1.2 based on other community feedbacks.

Category: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware
EventId: 1
SpanId: f3a0e0b6f3d02df5
TraceId: 2428398476c24cd49c3f809ef4c6d4e5
ParentId: 0000000000000000
RequestId: 8000000a-0002-fa00-b63f-84710c7967bb
RequestPath: /App1/MicrosoftIdentity/Account/SignIn

An unhandled exception has occurred while executing the request.

Exception:
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://XXX.onmicrosoft.com/XXX_SignUp_SignIn/v2.0/.well-known/openid-configuration'. Will retry at '6/1/2023 5:37:52 AM +00:00'. Exception: 'System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://XXX.onmicrosoft.com/XXX_SignUp_SignIn/v2.0/.well-known/openid-configuration'.
---> System.Threading.Tasks.TaskCanceledException: The request was canceled due to the configured HttpClient.Timeout of 60 seconds elapsing.
---> System.TimeoutException: A task was canceled.
---> System.Threading.Tasks.TaskCanceledException: A task was canceled.
at System.Threading.Tasks.TaskCompletionSourceWithCancellation1.WaitWithCancellationAsync(CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.HttpConnectionWaiter1.WaitForConnectionAsync(Boolean async, CancellationToken requestCancellationToken)
at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
at System.Net.Http.HttpClient.g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)

Message 2:
IDX20804: Unable to retrieve document from: 'https://XXX.onmicrosoft.com/XX_SignUp_SignIn/v2.0/.well-known/openid-configuration'., InnerException: The request was canceled due to the configured HttpClient.Timeout of 60 seconds elapsing..

Expected behavior

Actual behavior

Possible Solution

Additional context/ Error codes / Screenshots

Any log messages given by the failure

Add any other context about the problem here, such as logs.

OS and Version?

Windows 7, 8 or 10. Linux (which distribution). macOS (Yosemite? El Capitan? Sierra?)

Versions

of ASP.NET Core, of MSAL.NET

Attempting to troubleshooting yourself:

Mention any other details that might be useful

Thanks! We'll be in touch soon.
@jennyf19
Copy link
Contributor

jennyf19 commented Jun 5, 2023

@jimmathew999 are you able to go to this URL in the browser (using your values obviously)?
https://xxx.onmicrosoft.com/XX_SignUp_SignIn/v2.0/.well-known/openid-configuration
You should be able to see the metadata.

@jimmathew999
Copy link
Author

jimmathew999 commented Jun 5, 2023
edited
Loading

@jennyf19 Yes I'm able to see the metadata. but redirection to Microsoft login is not happening. I'm getting mentioned error. I tried to trace network traffic with the security team to see any firewall blockage. nothing blocked.

  • Added all Microsoft URLs to the proxy.
  • Enabled TLS 1.2 in the registry. Disabled other TLS versions.
  • Verified certificate
  • I'm using Visual Studio 2022 17.6.1

Totally stuck with this issue. I'm troubleshooting for the past few weeks. Not getting any hints.

@jmprieur
Copy link
Contributor

jmprieur commented Jun 6, 2023

@jimmathew999 : would this article be helpful? https://github.com/AzureAD/microsoft-identity-web/wiki/Deploying-Web-apps-to-App-services-as-Linux-containers

@jmprieur jmprieur added the question Further information is requested label Jun 6, 2023
@jimmathew999
Copy link
Author

@jimmathew999 : would this article be helpful? https://github.com/AzureAD/microsoft-identity-web/wiki/Deploying-Web-apps-to-App-services-as-Linux-containers

@jmprieur thanks for your suggestion. that didn't work. I noticed that this is happening only on corporate environment which is behind proxy. on my personal laptop its working fine.

@PostImpatica
Copy link

I had this error too even though I'm not even behind a proxy. I was doing something else, can't remember what, I think trying to sign into my visual studio account and it responded with a proxy error. I was like, "what??? I'm not even behind a proxy!!". Well, I connected my development laptop to my phone's wifi hotspot and this error went away. So I guess my home internet router is doing some weird stuff, no clue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jimmathew999 @PostImpatica @jmprieur @jennyf19