Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No webpage was found for the web address: http://127.0.0.1:50000/signin-steam #71

Closed
kamilk91 opened this issue Feb 6, 2020 · 4 comments
Closed

No webpage was found for the web address: http://127.0.0.1:50000/signin-steam #71

kamilk91 opened this issue Feb 6, 2020 · 4 comments
Labels
question

Comments

@kamilk91
Copy link

kamilk91 commented Feb 6, 2020

Describe the bug

No webpage was found for the web address: http://127.0.0.1:50000/signin-steam

services.AddAuthentication().AddSteam(options =>
            {
                options.ApplicationKey = "xx";
                options.SaveTokens = true;
                
                options.Events.OnTicketReceived = context_ =>
                {
                    var steamUserAsClaims = context_.Principal;
                    var identityUser = context_.HttpContext.User;

                    return Task.CompletedTask;

                };
                options.Events.OnAuthenticated = context_ =>
                {
                    var steamUserAsClaims = context_.Identity;
                    var nameIdentifier = steamUserAsClaims.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)?.Value;
                    var name = steamUserAsClaims.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name)?.Value;

                    // NOPE: Identity user not initialized yet in context_.HttpContext.User

                    context_.HttpContext.User.Claims.Append(new Claim(ClaimTypes.NameIdentifier, nameIdentifier));
                    context_.HttpContext.User.Claims.Append(new Claim(ClaimTypes.Name, name));

                    return Task.CompletedTask;
                };

            });

Expected behaviour
Working callback path

Actual behaviour
404, i dont know how to create callback path which alllows me to manage data from Steam.
@martincostello
Copy link
Member

Have you also added the appropriate middlewares (and in the right order) like in the sample application?

AspNet.Security.OpenId.Providers/samples/Mvc.Client/Startup.cs

Lines 57 to 69 in f5dde16

public void Configure(IApplicationBuilder app)
{
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapDefaultControllerRoute();
});

@kevinchalet
Copy link
Member

Closing, as I believe your issue was caused by a missing middleware (typically, app.UseAuthentication()).

@kamilk91
Copy link
Author

Hi, i have to re-open issue.

Now i have Kestrel Server, fully configured with your tips. Problem is (propably) that im using Nginx reverse proxy, and it begins again:

image

My configuration:
Startup:

readonly string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";


        private void CheckSameSite(HttpContext httpContext, CookieOptions options)
        {
            if (options.SameSite == SameSiteMode.None)
            {
                var userAgent = httpContext.Request.Headers["User-Agent"].ToString();

                options.SameSite = (SameSiteMode)(-1);

            }
        }

        public void ConfigureServices(IServiceCollection services)
        {

            //services.AddGrpc();
            services.AddAuthentication(options =>
            {
                options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            })
            .AddCookie(options =>
            {
                options.LoginPath = "/login";
                options.LogoutPath = "/signout";
            })

            .AddOpenId("Orange", "Orange", options =>
            {
                options.Authority = new Uri("https://openid.orange.fr/");
                options.CallbackPath = "/signin-orange";
            })

            .AddOpenId("StackExchange", "StackExchange", options =>
            {
                options.Authority = new Uri("https://openid.stackexchange.com/");
                options.CallbackPath = "/signin-stackexchange";
            })

            .AddOpenId("Intuit", "Intuit", options =>
            {
                options.CallbackPath = "/signin-intuit";
                options.Configuration = new OpenIdAuthenticationConfiguration
                {
                    AuthenticationEndpoint = "https://openid.intuit.com/OpenId/Provider"
                };
            })

            .AddSteam();
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
            services.AddLogging();

            services.AddCors(options =>
            {
                options.AddPolicy(MyAllowSpecificOrigins,
                builder =>
                {
                    builder.WithOrigins("*")
                    .AllowAnyHeader()
                    .AllowAnyOrigin()
                    .AllowAnyMethod();
                });
            });

            services.Configure<CookiePolicyOptions>(options =>
            {
                options.MinimumSameSitePolicy = (SameSiteMode)(-1);
                options.OnAppendCookie = cookieContext =>
                    CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
                options.OnDeleteCookie = cookieContext =>
                    CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
            });


        }
        public void Configure(IApplicationBuilder app, ILoggerFactory logger)
        {

            logger.CreateLogger("Logging");



            app.UseStaticFiles();
            app.UseRouting();
            app.UseAuthentication();
            app.UseAuthorization();
            app.UseEndpoints(endpoints =>
            {
                endpoints.MapDefaultControllerRoute();

            });
            app.Use((context, next) =>
            {
                context.Response.Headers.Add("Access-control-allow-headers", "Content-Type, Accept, X-Requested-With, method");
                context.Response.Headers.Add("Access-control-allow-methods", "GET, POST, DELETE, PUT, OPTIONS, HEAD");
                context.Response.Headers.Add("Access-control-allow-origin", "*");
                context.Response.Headers.Add("Access-control-allow-credentials", "true");
                return next.Invoke();
            });
            app.UseCors(option => option.WithHeaders("accept", "content-type", "origin"));
            app.UseCookiePolicy();
            app.UseCors(MyAllowSpecificOrigins);
            app.UseHsts();
            app.UseHttpsRedirection();
        }


    }

Program.cs

var host = new WebHostBuilder()
                .UseKestrel()
                .UseUrls($"{env_config.KestrelURL}")
                .UseStartup<Startup>()
                .ConfigureLogging(l =>
               {
                   l.ClearProviders();
                   l.AddConsole();
               })
                .Build();

If user is Logged into steam redirection after taking SteamId works fine, but if user has to provide password, or confirm "Continue as xxxx" app redirecting him to 127.0.0.1:50000.

NGinx listening to 50000 on localhost, and proxing it to subdomain "secure.example.com".

@kamilk91 kamilk91 mentioned this issue May 26, 2020
Closed
@martincostello
Copy link
Member

Have you configured nginx and/or Kestrel appropriately to forward on the host header and to be a trusted proxy for headers like x-forwarded-for and x-forwarded-proto?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Milestone
No milestone
Development

No branches or pull requests
3 participants
@martincostello @kevinchalet @kamilk91