Need help with the 500 Internal Server Error while authenticating Azure Active Directory using SAML in .Net 6.0 Core
Swamynathan Karthikeyan
I'm getting a 500 Internal Server Error while authenticating with Azure Active Directory using SAML in .NET 6.0 Core. The same piece of code works in Dev and QA but fails in the Prod environment.
Below is the error message:
```
IDX20803: Unable to obtain configuration from: 'System.String'. ==>
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   at Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler.HandleChallengeAsync(AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.ChallengeAsync(AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)
```
Below is the code in Startup.cs -> ConfigureServices:
```csharp
// Namespaces this snippet relies on:
//   System.Security.Cryptography.X509Certificates, Microsoft.IdentityModel.Tokens,
//   Microsoft.AspNetCore.Authentication.Cookies, Microsoft.AspNetCore.Authentication.WsFederation

// Load the token-signing certificate from a Base64 string held in configuration.
var rawCertData = Convert.FromBase64String(Configuration.GetValue<string>("SamlBase64String"));
X509Certificate2 cert = new X509Certificate2(rawCertData);
SecurityKey signingKey = new X509SecurityKey(cert);

var _tokenValidationParameters = new TokenValidationParameters
{
    ValidateIssuer = true,
    // ValidAudience below is not checked while ValidateAudience is false.
    ValidateAudience = false,
    ValidateLifetime = true,
    ValidateIssuerSigningKey = true,
    ValidAudience = Configuration.GetValue<string>("SamlentityId"),
    IssuerSigningKey = signingKey
};

servicesCollection.AddAuthentication(sharedOptions =>
{
    sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    sharedOptions.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
})
.AddWsFederation(options =>
{
    options.Wtrealm = Configuration.GetValue<string>("SamlentityId");
    // The handler downloads the federation metadata from this address on the first challenge.
    options.MetadataAddress = Configuration.GetValue<string>("SamlMetadataAddress");
    options.CallbackPath = Configuration.GetValue<string>("SamlCallbackPath");
    options.TokenValidationParameters = _tokenValidationParameters;
    options.RequireHttpsMetadata = true;
    options.Events.OnSecurityTokenValidated = async ctx =>
    {
        // Get valid user from ctx
        // (the rest of the handler is not shown in the post)
    };
});
```