You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Clean user - never been to site - no identity db entries - no battle.net correlation to OAuth Application (Battlenet/identity account combo have never seen this application).
Reproduction:
Log In (upper right nav)
Log Into Battle.Net (main body link)
Press Cancel button (On Battle.Net's signin page)
3a) (note) unselecting wow-profile and clicking continue works as expected
Redirects to our /signin-battlenet(?) which is the standard url for a successful signin and is handled by the 3rd party provider... 3rd party provider does not properly pick up on the "cancel" and throws a 500 error. Regardless of Debug mode, details of this error are not provided.
Is a redirect to me happening beyond /signin-battlenet that I haven't detected? Let me know....
Or is it an issue with the base OAuth Provider? (quickly! RC2 is imminent ;)
I doubt the CookieAuth is conflicting - it's a separate cookie, separate auth process that brings insecure claims down to where I can access certain info without https. No calls are made in regards to this prior to battle.net redirecting back to /signin-battlenet.
The text was updated successfully, but these errors were encountered:
In RC2, the handler no longer returns a 500 response but directly throws an exception. If the exception is not caught by one of the middleware registered before the social provider, the server is responsible of intercepting it and returning a 500 response.
To stop using the default logic (which is... well; not super user-friendly 😄), the recommended approach is to use the RemoteError event to redirect the user agent to an error page.
That said, I agree the default experience sucks. I'm pretty sure we had plans to introduce an AccessDeniedPath property, but I can't find the corresponding work item.
I'll move your ticket to the aspnet/Security repository.
Not sure if this has been addressed yet:
ASP.NET Core RC1 Sample application (VS 2015 Community - not update 1)
project.json (public nuget)
"AspNet.Security.OAuth.BattleNet": "1.0.0-alpha3",
Clean user - never been to site - no identity db entries - no battle.net correlation to OAuth Application (Battlenet/identity account combo have never seen this application).
Startup ConfigureServices:
Startup Configure:
I doubt the CookieAuth is conflicting - it's a separate cookie, separate auth process that brings insecure claims down to where I can access certain info without https. No calls are made in regards to this prior to battle.net redirecting back to /signin-battlenet.
The text was updated successfully, but these errors were encountered: