Do you want to save 80% of your bandwidth to your search provider? Do you want to deliver content to your users faster? With this one tr...
Development Elasticsearch DebuggingWe operate in a typical QA -> Production workflow on both our front-end and back-end teams. So, what happnes when your front-end is in...
Development JavaScript Dev Ops Vue Vue.js JekyllIf you’re not familiar, or just haven’t used Sass maps, here’s your chance to dive in. Our latest static site was built on Jekyll using ...
sassIn JavaScript, we are always working with different data types to send to the API or display on the UI. Cloning and altering that clone i...
JavaScriptC# being an Object Oriented Programming (OOP) language, we have access to inheritance. Like any feature of a programming language, you sh...
csharp bugsWe love the combination of SQL and Elasticsearch and believe it is a winning combination for anyone building a modern application. Elasti...
Elasticsearch NEST C#I’ve been watching [DotNetConf][dotnetconf] videos over the weekend, and was most curious about [Mads Torgersen’s][mads] [“What’s Coming ...
c-sharp C# .NETHugo is an amazing static site generator, but getting lost when templating is easier than we’d like. We’ve found a way to evaluate variab...
Hugo JAMStack StaticRegardless of your opinion on Object Relational Mappers (ORM), I think they are a great tool for prototyping ideas. Over time, they can l...
.net core sqlDealing with JSON data in SQL Database introduces several challenges. This post addresses querying json data stored in SQL Database that...
SQL Azure Database developmentWe are in the middle of writing a template engine to define dynamic forms. The user interface can only post to a known model on the serve...
C# developmentWe are living on the bleeding edge that is Hugo’s release cycle. To keep our macOS development environments up to date we wrote this shel...
developmentHugo recently released an amazing asset pipeline, which means you need less external dependencies to build a sweet static site. To take a...
dev buildI could probably rant and rave about Internet Explorer (IE) for a couple of hours, reminiscing about busted box models, janky IE specific...
IE Development JavaScriptVue has been a delightful framework to work with. The first thing I noticed about it was how easy to follow the documentation was and how...
Vue Development JavaScriptWith the news that Microsoft is acquiring GitHub, I thought I would ask the team what their thoughts are on the topic. We utilize the .NE...
Security is an essential part of any application ecosystem, but it can also be a nebulous concept for an organization to grasp. During ou...
developmentLet’s say you are developing a new Infinity War SQL stored procedure. Thanos, your boss, has explicity told you to add validation to a st...
development c# sqlData can often be messy and cleaning it up falls on the shoulders of you, the developer. It’s also easy to search StackOverflow for compl...
developmentReferencing nested objects in your LINQ to SQL query does some pretty neat magic “behind the scenes”. But, there are occasions when its m...
EF SQLAt Ritter Insurance Marketing, we utilize IdentityServer3 for our authentication mechanism. It has been almost a year of hosting in Windows Azure with great success. While it has been a positive experience, but there has been one frustrating issue. Unpredictably, our authentication system would break, leaving our applications inaccessible. We started noticing a specific exception in our error log when these events would occur:
System.IdentityModel.Tokens.SecurityTokenInvalidIssuerException
IDX10205: Issuer validation failed. Issuer: 'https://auth.ritterim.com/identity'. \
Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: \
'https://auth.ritterim.com/, https://rim-auth-east.azurewebsites.net/identity'.
We have noticed that the Issuer url value being provided by an authentication request changes randomly in Windows Azure. The unknown bug causes our applications to break. While the change is random, the expected issuer urls are not. We have narrowed it down to these known variations.
https://{custom domain name}.comhttps://{custom domain name}.com/identityhttps://{azure app name}.azurewebsites.nethttps://{azure app name}.azurewebsites.net/identityTo setup the valid issuers for IdentityServer3, we just use the APIs provided by the library.
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
// other settings...
TokenValidationParameters = new TokenValidationParameters()
{
AuthenticationType = "Cookies",
// a comma seperated list of urls
ValidIssuers = config.ValidIssuers
}
// other settings...
});
We hope we’ve found all the variations, and for the last several weeks our authentication has become a lot more stable. I hope this helps anyone experiencing issues with IdentityServer3 and Windows Azure.
