0

I am new to Asp.Net Core identity.

I have configured the startup as per below. When I run the code in a normal and incognito browser I get the below error.

I have cleared cookies as previous questions have suggested. What is interesting is a high number of cookies get created when loading the sign screen.

My issue is similar to those described in the below old articles. Both solutions seem outdated.

enter image description here

enter image description here

using d365fl.DocumentGenerator.blazor_frontend.Data;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Components;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Identity.Web;
using Microsoft.IdentityModel.Logging;

namespace d365fl.DocumentGenerator.blazor_frontend
{
public class Startup
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
    public void ConfigureServices(IServiceCollection services)
    {

        ConfigureIdentiy(services);

        services.AddRazorPages();
        services.AddServerSideBlazor();
        services.AddSingleton<WeatherForecastService>();
    }

    private void ConfigureIdentiy(IServiceCollection services)
    {
        services.AddMicrosoftIdentityWebAppAuthentication(Configuration, "AzureAdB2C");

        services.AddControllersWithViews(options =>
        {
            var policy = new AuthorizationPolicyBuilder()
                .RequireAuthenticatedUser()
                .Build();
            options.Filters.Add(new AuthorizeFilter(policy));
        });

        services.Configure<OpenIdConnectOptions>(Configuration.GetSection("AzureAdB2C"));
    }
    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            IdentityModelEventSource.ShowPII = true;
        }
        else
        {
            app.UseExceptionHandler("/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();

        app.UseRouting();

        app.UseAuthentication();
        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllers();
            endpoints.MapBlazorHub();
            endpoints.MapFallbackToPage("/_Host");
        });
    }
}

}

EDIT 1 - HTTP Request from Developer Toolbar enter image description here

EDIT 2 - Screen Shot of Cookie data from Developer Toolbar / Network Tab enter image description here

user3845056
  • 489
  • 7
  • 25
  • It may be caused by too many cookies. See https://stackoverflow.com/questions/46100272/azure-portal-bad-request-request-too-long?answertab=votes#tab-top. – Allen Wu Apr 02 '21 at 05:55
  • That is exactly the problem. However, the cookies are generated because of some type of infinite loop/multiple requests back and forth from the application to the login screen. Excuse the poor terminology AD Auth is new to me. – user3845056 Apr 03 '21 at 03:51

1 Answers1

0

As we discussed in the comment, the issue is cause by too many cookies.

Please clear your cookies and modify your code to avoid endless loops and back and forth requests.

See this answer for more details.

Allen Wu
  • 15,529
  • 1
  • 9
  • 20
  • I have cleared the cookies. I have tried reducing the number of Claims as per the mentioned article. I have also tried a different browser and a different browser in private mode. Unfortunately, this has not resolved the issue. :( – user3845056 Apr 05 '21 at 14:23
  • @user3845056 Can you use a capture tool to grab the request to view how long the header is? – Allen Wu Apr 06 '21 at 07:14
  • please see edit "EDIT 1 - HTTP Request from Developer Toolbar" above it has a screenshot showing the request is 442b, which does not seem that big. Have I captured the right thing? – user3845056 Apr 10 '21 at 16:51
  • @user3845056 Not sure. Is it convenient to share the content? – Allen Wu Apr 12 '21 at 01:55
  • see EDIT 2 - Screen Shot of Cookie data from Developer Toolbar / Network Tab. There is a very large amount of data for a cookie. – user3845056 Apr 13 '21 at 15:17
  • I have also added links to similar issues but the solutions on these articles seem outdated https://www.javaer101.com/en/article/18781756.html and https://blog.bitscry.com/2018/09/19/azure-ad-request-too-long/ – user3845056 Apr 13 '21 at 15:22