days ago.

Why Does window.exports Unexpectedly Exist?

Ken Dale

We ran across an issue where window.exports was being unexpectedly set. The cause <div id="exports"> ... </div> Why? ...

JavaScript

Read now

days ago.

DbDataReader and SQL Server Data Chunking

Bill Boga

TL;DR Using ExecuteReader against SQL Server with a query using for xml or for json causes data to be chunked. A single call to ExecuteR...

.NET .NET Core 2.0 JSON XML SQL Server

Read now

days ago.

Why We Use Nullables On Our ASP.NET Web API 2 Req...

Khalid Abuhakmeh

At Ritter Insurance Marketing, we continue to invest heavily in Web APIs primarily built on top of ASP.NET Web API 2. To supplement our A...

asp.net WebAPI REST

Read now

days ago.

css prefixes, yes pleeease

Kevin Hougasian

If you CSS, you’re familiar with the browser -prefix. Chrome and Safari have -webkit, -moz for Firefox/Mozilla, and -ms for Edge. As brow...

css

Read now

days ago.

Material design-like form animations for Semantic UI

Kevin Hougasian

We decided not to use Material Design (#reasons) while re-developing our core application suite, although i really miss MD’s micro-intera...

UI Sass Semantic UI

Read now

days ago.

Avoid the Duplicate AppVeyor Publish: Deploying O...

Ken Dale

Sometimes it’s useful to ensure a project works with multiple versions of runtimes. In the following example, multiple versions of Node.j...

AppVeyor

Read now

days ago.

Making a Web Request After an AppVeyor Deployment...

Ken Dale

For ASP.NET applications it can be useful to make a request to an application immediately after deployment to bring the application onlin...

AppVeyor

Read now

days ago.

My Current GitHub Command Line Workflow

Ken Dale

https://xkcd.com/1597/ While I generally don’t do that, here’s what I currently do: Setting up a repository locally Using Stuntman as...

GitHub

Read now

days ago.

.NET Fringe Portland Oregon 2017 With RIMdev

Khalid Abuhakmeh

As a team empowered by .NET open source, we’ve always been sensitive to the people, projects, and conferences that make the .NET communit...

conference oss team

Read now

days ago.

Khalid's Initial Thoughts On Vue.js

Khalid Abuhakmeh

The RIMdev team composition is a unique blend of disciplines forged in the crucible of time. We have backend developers, frontend develop...

Vue.js JavaScript frontend clientside

Read now

days ago.

Publishing npm Packages to MyGet Using AppVeyor

Ken Dale

Previously, I wrote about Publishing to npm Using AppVeyor. This is a similar post, but specifically geared toward publishing an npm pack...

AppVeyor npm MyGet

Read now

days ago.

Secure Global Stuntman Users With Windows Azure B...

Khalid Abuhakmeh

Stuntman is an open source library we developed at RIMdev to make testing user scenarios easier during development time. There are times ...

Windows Azure Azure Stuntman OSS

Read now

days ago.

A Double-Click Experience for Running Jekyll on W...

Ken Dale

Typically, running a Jekyll site locally for the first time requires a basic knowledge of using the command line. It usually involves a f...

jekyll

Read now

days ago.

Adding Mermaid To RIMdev.io

Khalid Abuhakmeh

A picture is worth a thousand words, so I assume a diagram is worth a billion words. Expressing our ideas is important and our blog is an...

Jekyll

Read now

days ago.

What Is A Renaissance And What Does It Have To Do...

Khalid Abuhakmeh

Before claiming we are in a Renaissance or that it is time for one, we should take the time to understand the meaning of the word and its...

.NET Community OSS

Read now

days ago.

Publishing to npm Using AppVeyor

Ken Dale

AppVeyor does not currently provide built-in support for publishing to npm (at least, currently). Instead, we can provide the npm token a...

AppVeyor npm

Read now

days ago.

The Component Life: Creating Reusable Web Components

Nathan White

At RimDev we’re trying to rethink the way we build our frontend. We have so many properties with common functionality, and it was startin...

Web components JavaScript

Read now

days ago.

Get Current Route Name From ASP.NET Web API Request

Khalid Abuhakmeh

At RIMdev, we are attempting to layer Hypermedia concepts into our APIs. One of these concepts is to have a collection of links to relate...

Web API ASP.NET

Read now

days ago.

Using Stuntman with ASP.NET MVC Video

Khalid Abuhakmeh

Transcript Hello my name is Khalid Abuhakmeh and in this video I’ll be presenting an ASP.NET OWIN middleware library designed to eas...

video stuntman OSS

Read now

days ago.

Creating SQL Server Express LocalDb v11, v12, v13...

Ken Dale

Here’s some copy-pastable commands for creating SQL Server Express LocalDb instances: "C:\Program Files\Microsoft SQL Server\110\Tool...

LocalDb

Read now

Windows Azure, IdentityServer3, and Valid Issuers

Written by Khalid Abuhakmeh |Bill Boga |Ken Dale

This post is days old.

At Ritter Insurance Marketing, we utilize IdentityServer3 for our authentication mechanism. It has been almost a year of hosting in Windows Azure with great success. While it has been a positive experience, but there has been one frustrating issue. Unpredictably, our authentication system would break, leaving our applications inaccessible. We started noticing a specific exception in our error log when these events would occur:

System.IdentityModel.Tokens.SecurityTokenInvalidIssuerException

IDX10205: Issuer validation failed. Issuer: 'https://auth.ritterim.com/identity'.  \
Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: \
'https://auth.ritterim.com/, https://rim-auth-east.azurewebsites.net/identity'.

We have noticed that the Issuer url value being provided by an authentication request changes randomly in Windows Azure. The unknown bug causes our applications to break. While the change is random, the expected issuer urls are not. We have narrowed it down to these known variations.

https://{custom domain name}.com
https://{custom domain name}.com/identity
https://{azure app name}.azurewebsites.net
https://{azure app name}.azurewebsites.net/identity

To setup the valid issuers for IdentityServer3, we just use the APIs provided by the library.

app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
    // other settings...
    TokenValidationParameters = new TokenValidationParameters()
    {
        AuthenticationType = "Cookies",
        // a comma seperated list of urls
        ValidIssuers = config.ValidIssuers
    }
    // other settings...
});

We hope we’ve found all the variations, and for the last several weeks our authentication has become a lot more stable. I hope this helps anyone experiencing issues with IdentityServer3 and Windows Azure.

Published Jan 16, 2016 by