As a team empowered by .NET open source, we’ve always been sensitive to the people, projects, and conferences that make the .NET communit...
conference oss teamThe RIMdev team composition is a unique blend of disciplines forged in the crucible of time. We have backend developers, frontend develop...
Vue.js JavaScript frontend clientsidePreviously, I wrote about Publishing to npm Using AppVeyor. This is a similar post, but specifically geared toward publishing an npm pack...
AppVeyor npm MyGetStuntman is an open source library we developed at RIMdev to make testing user scenarios easier during development time. There are times ...
Windows Azure Azure Stuntman OSSTypically, running a Jekyll site locally for the first time requires a basic knowledge of using the command line. It usually involves a f...
jekyllA picture is worth a thousand words, so I assume a diagram is worth a billion words. Expressing our ideas is important and our blog is an...
JekyllBefore claiming we are in a Renaissance or that it is time for one, we should take the time to understand the meaning of the word and its...
.NET Community OSSAppVeyor does not currently provide built-in support for publishing to npm (at least, currently). Instead, we can provide the npm token a...
AppVeyor npmAt RimDev we’re trying to rethink the way we build our frontend. We have so many properties with common functionality, and it was startin...
Web components JavaScriptAt RIMdev, we are attempting to layer Hypermedia concepts into our APIs. One of these concepts is to have a collection of links to relate...
Web API ASP.NETTranscript Hello my name is Khalid Abuhakmeh and in this video I’ll be presenting an ASP.NET OWIN middleware library designed to eas...
video stuntman OSSHere’s some copy-pastable commands for creating SQL Server Express LocalDb instances: "C:\Program Files\Microsoft SQL Server\110\Tool...
LocalDbWelcome back for another edition of Under the Decision Tree. Our weekly selection of machine learning articles, podcasts, conferences, a...
Machine LearningOne of my early challenges at RIMdev was to create a RIMdev logo. Something that worked with the existing RitterIM knight, but also let u...
RIMdev Team DesignRather than enjoying some R&R during our recent holiday vacation, I worked on a small side project and was rewarded with an aching ri...
DevelopmentWelcome back for another edition of Under the Decision Tree. Our weekly selection of machine learning articles, podcasts, conferences, a...
Machine LearningWe are all in when it comes to static site generation. With [Windows Azure][azure] [GitHub][github] integration, it has never been easier...
question architecture jekyllElasticsearch is a best of breed search platform, but before you can search, you’ll need to import your documents. Being a .NET shop, we ...
search elasticsearchHappy New Year and Welcome back for another edition of Under the Decision Tree. Our weekly selection of machine learning articles, podca...
Machine LearningWe’ve made some good contributions to the world of open source this year. Our major projects are listed at our open source page. Stuntma...
OSS .NET npmAt Ritter Insurance Marketing, we utilize IdentityServer3 for our authentication mechanism. It has been almost a year of hosting in Windows Azure with great success. While it has been a positive experience, but there has been one frustrating issue. Unpredictably, our authentication system would break, leaving our applications inaccessible. We started noticing a specific exception in our error log when these events would occur:
System.IdentityModel.Tokens.SecurityTokenInvalidIssuerException
IDX10205: Issuer validation failed. Issuer: 'https://auth.ritterim.com/identity'. \
Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: \
'https://auth.ritterim.com/, https://rim-auth-east.azurewebsites.net/identity'.
We have noticed that the Issuer url value being provided by an authentication request changes randomly in Windows Azure. The unknown bug causes our applications to break. While the change is random, the expected issuer urls are not. We have narrowed it down to these known variations.
https://{custom domain name}.comhttps://{custom domain name}.com/identityhttps://{azure app name}.azurewebsites.nethttps://{azure app name}.azurewebsites.net/identityTo setup the valid issuers for IdentityServer3, we just use the APIs provided by the library.
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
// other settings...
TokenValidationParameters = new TokenValidationParameters()
{
AuthenticationType = "Cookies",
// a comma seperated list of urls
ValidIssuers = config.ValidIssuers
}
// other settings...
});
We hope we’ve found all the variations, and for the last several weeks our authentication has become a lot more stable. I hope this helps anyone experiencing issues with IdentityServer3 and Windows Azure.
