Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot get past the 'Select Authentication System' screen, says 'Page Expired' #8

Open
nsamuels0510 opened this issue Jun 7, 2016 · 2 comments
Open

Cannot get past the 'Select Authentication System' screen, says 'Page Expired' #8

nsamuels0510 opened this issue Jun 7, 2016 · 2 comments

Comments

@nsamuels0510
Copy link

I recently set up the OAuth 2 Playground, and I am trying authenticate my MVC app with ping federate using your library. Similarly to the OAuth 2 Playground, I can get to the 'Select Authentication System' screen, I select HTMLFormSimplePCV and then the page redirects to 'Page Expired' I am never prompted for my credentials.

I updated my Startup.Auth.cs in my MVC app with your code, and client id, client secret, PingFederateUrl, and Endpoints.
@amd989
Copy link
Owner

amd989 commented Jun 8, 2016

Can you provide a fiddler trace of the whole process? I kinda need to check what you are doing.

Thanks.

@nsamuels0510
Copy link
Author

Thanks for the quick response. I actually got a little farther than my previous question by setting the IdpAdapterId = "ad..HTMLFormSimplePCV"; which showed the credentials screen but after adding Joe / 2Federate it redirects to the 'Page Expired' page...

The below link is the redirect to get the authorization from ping...which appears to work..and is redirected to the credentials screen...

https://cartman.mutare.com:9031/as/authorization.oauth2?response_type=code&client_id=JasonDev&redirect_uri=https%3A%2F%2Flocalhost%2Fsignin-pingfederate&scope=openid&state=zO2qacin1uzaL_r2JhgkYIuY9hXOgdoJY7-6fX74dGBvoe1B0QIeGiRuIrJxkj0L1Nf6Rlf6AEHwtu3_0uprv5exbgfbYtH-ESCGCv_GqlhoRJcVZCXERj9IwDZf19b4MiNZwtgYn_Q6Hgctu63CoCtagt9OWERmwVRNcFzf3NY6ZIjd4J1suMr3S6dYSvEq6Rdx1u3r1Eaa1enwzr3qgSISSyKERIQJLzlyFdGUL6SKVrnOsopSNsjVQz5YqfsHvtjd2mp1DQYy29Rn4WyK53H_xkcWxoLSed3hkYiy_5U&pfidpadapterid=ad..HTMLFormSimplePCV&nonce=c72d34e7-9322-4f62-9e72-6c012a73d575

I then supply Joe/2Federate the default user from the OAuth 2 Playground and then I am redirected to...

https://localhost:9031/as/CnYAz/resume/as/authorization.ping

which fails. I took your code from the Startup.Auth.cs from the Working Client solution, and updated the variables, and changed metadata=false, and added the endpoints because I could not get it working at all without that change from your code.. I also tried to increase the session timeout but that also did not help.

Not sure what I am missing....any help would be great. I added my code below from my Startup.Auth.cs MVC project.

        AntiForgeryConfig.UniqueClaimTypeIdentifier = "antiforgery";
        const string Cookies = "PingFederateCookie";
        app.SetDefaultSignInAsAuthenticationType(Cookies);
        const int SessionTimeout = 15;
        app.UseCookieAuthentication(
            new CookieAuthenticationOptions
            {
                LoginPath = new PathString("/"),
                AuthenticationMode = AuthenticationMode.Active,
                AuthenticationType = Cookies,
                ExpireTimeSpan = TimeSpan.FromMinutes(SessionTimeout),
                CookieSecure = CookieSecureOption.SameAsRequest,
                CookiePath = "/",
                SlidingExpiration = true
            });

        // SET UP VARIABLES
        const string ClientId = "JasonDev";
        const string ClientSecret = "ZQCiariIsI9pN5E3Of4DaIBtQcUXM4dWU2djuFAyxc1oEKkmrsQYgrrVnCP8wFvY";
        const string Scopes = "openid";
        const string PingServer = "https://cartman.mutare.com:9031";
        const string IdpAdapterId = "ad..HTMLFormSimplePCV"; 

        app.UsePingFederateAuthentication(
            new PingFederateAuthenticationOptions
            {
                ClientId = ClientId,
                ClientSecret = ClientSecret,
                //RequestUserInfo = false,
                AuthenticationMode = AuthenticationMode.Active,
                Scope = Scopes.Split(' '),
                PingFederateUrl = PingServer,
                 IdpAdapterId = IdpAdapterId,
                DiscoverMetadata = false,
                Endpoints = new Owin.Security.Providers.PingFederate.PingFederateAuthenticationEndpoints()
                {
                    AuthorizationEndpoint = PingServer + PingFederateAuthenticationOptions.AuthorizationEndPoint,
                    TokenEndpoint = PingServer + PingFederateAuthenticationOptions.TokenEndpoint,
                    UserInfoEndpoint = PingServer + PingFederateAuthenticationOptions.UserInfoEndpoint
                },
                SignInAsAuthenticationType = Cookies,
                Provider = new PingFederateAuthenticationProvider
                {
                    OnAuthenticated = context =>
                    {
                        context.Identity.AddClaim(new Claim("antiforgery", Guid.NewGuid().ToString()));

                        return Task.FromResult(0);
                    }
                }
            });

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@amd989 @nsamuels0510