You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I first tried running the demo a month ago all worked well. I made a few modifications and saved the project to our source control. Last week, I retrieved it again and got the following error during startup:
Server Error in '/' Application.
IDX20807: Unable to retrieve document from: 'System.String'. HttpResponseMessage: 'System.Net.Http.HttpResponseMessage', HttpResponseMessage.Content: 'System.String'.
Source Error:
Line 79: try
Line 80: {
Line 81: OpenIdConnectConfiguration config = Task.Run(_configManager.GetConfigurationAsync).Result;
Line 82: _issuer = config.Issuer;
Line 83: _keys = config.SigningKeys;
Source File: C:\Temp\Repos\active-directory-b2c-dotnet-webapp-and-webapi\TaskService\App_Start\OpenIdConnectCachingSecurityTokenProvider.cs Line: 81
Stack Trace:
[IOException: IDX20807: Unable to retrieve document from: 'System.String'. HttpResponseMessage: 'System.Net.Http.HttpResponseMessage', HttpResponseMessage.Content: 'System.String'.]
Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__20.MoveNext() +1159
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.IdentityModel.Protocols.OpenIdConnect.<GetAsync>d__3.MoveNext() +391
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__12.MoveNext() +958
[InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'.]
Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__12.MoveNext() +1739
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__11.MoveNext() +314
This was during the startup of the "TaskService" project, but a similar error occurs when running the "TaskWebApp" and choosing "Sign up / Sign in".
I was rather puzzled that the project stopped working, I successfully ran it a month ago.
To try to solve this, I updated a few of the NuGet packages. This gave me a more informative error:
[IOException: IDX20807: Unable to retrieve document from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. HttpResponseMessage: '[PII of type 'System.Net.Http.HttpResponseMessage' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]', HttpResponseMessage.Content: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.]
Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__22.MoveNext() +1112
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.IdentityModel.Protocols.OpenIdConnect.<GetAsync>d__3.MoveNext() +391
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__18.MoveNext() +1052
[InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://xxx.b2clogin.com/tfp/xxx.onmicrosoft.com/b2c_1_signin/v2.0/.well-known/openid-configuration'. Will retry at '31-05-23 13:46:42 +00:00'. Exception: 'System.IO.IOException: IDX20807: Unable to retrieve document from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. HttpResponseMessage: '[PII of type 'System.Net.Http.HttpResponseMessage' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]', HttpResponseMessage.Content: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.<GetDocumentAsync>d__22.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.<GetAsync>d__3.MoveNext()
After adding IdentityModelEventSource.ShowPII = true;, I got the real error:
[IOException: IDX20807: Unable to retrieve document from: 'https://xxx.b2clogin.com/tfp/xxx.onmicrosoft.com/b2c_1_signin/v2.0/.well-known/openid-configuration'. HttpResponseMessage: 'StatusCode: 426, ReasonPhrase: 'InvalidRequest', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
client-request-id: 941fbdda-6e4c-4f37-971b-8b70b3a54903
Date: Wed, 31 May 2023 13:52:11 GMT
Content-Length: 49
Content-Type: html/text
}', HttpResponseMessage.Content: 'This service requires use of the TLS-1.2 protocol'.]
Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__22.MoveNext() +1112
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.IdentityModel.Protocols.OpenIdConnect.<GetAsync>d__3.MoveNext() +391
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +62
Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__18.MoveNext() +1052
It seems that TLS 1.2 is now required in Azure when retrieving the configuration. This has probably changed since my initial project check-in, causing the sudden error.
One way is to change the Registry setting as described in the article. This would fix the problem on my system without having to change the project, but other users of this demo solution would still get the error.
Another way could be to set the SecurityProtocol to include TLS 1.2 System.Net.ServicePointManager.SecurityProtocol |= System.Net.SecurityProtocolType.Tls12;
This was initially implemented in the project and reverted in #110
Finally, a potential fix is to change the httpRuntime in Web.config.
I think this issue is related to #108
When I first tried running the demo a month ago all worked well. I made a few modifications and saved the project to our source control. Last week, I retrieved it again and got the following error during startup:
This was during the startup of the "TaskService" project, but a similar error occurs when running the "TaskWebApp" and choosing "Sign up / Sign in".
I was rather puzzled that the project stopped working, I successfully ran it a month ago.
To try to solve this, I updated a few of the NuGet packages. This gave me a more informative error:
After adding
IdentityModelEventSource.ShowPII = true;
, I got the real error:It seems that TLS 1.2 is now required in Azure when retrieving the configuration. This has probably changed since my initial project check-in, causing the sudden error.
There are a few ways to fix this. See the recommendations here:
https://learn.microsoft.com/en-us/dotnet/framework/network-programming/tls
One way is to change the Registry setting as described in the article. This would fix the problem on my system without having to change the project, but other users of this demo solution would still get the error.
Another way could be to set the SecurityProtocol to include TLS 1.2
System.Net.ServicePointManager.SecurityProtocol |= System.Net.SecurityProtocolType.Tls12;
This was initially implemented in the project and reverted in #110
Finally, a potential fix is to change the httpRuntime in Web.config.
Currently, both files contain:
Changing the httpRuntime to 4.8 solves the problem for me.
I'm not sure what the original purpose of the 4.5 setting is. Is it deliberate, or was it somehow forgotten during the updated to .NET 4.8?
The text was updated successfully, but these errors were encountered: