days ago.

How to avoid NullReferenceException in C#

Cheng Yang

I have been working as a software developer for almost three years, the most common exception or bug I made is NullReferenceException -Sy...

.NET C#

Read now

days ago.

Getting Started Testing Vue Components

Andrew Rady

Testing is an important step we can take as developers to reduce bugs in our code, but testing seems to be one of the best practices that...

Vue.js Jest Testing

Read now

days ago.

How ConveyUX Can Convey Good Ideas

Natasha Kurus

Last week I attended the annual user experience conference Convey UX in Seattle, where 50 UX leaders from all over the world shared their...

UI/UX frontend conference conveyux2020 conveyux

Read now

days ago.

Running Database Migrations On Web Application St...

Ken Dale

We run a number of web applications at Ritter Insurance Marketing. Our primary datastore for these applications is MSSQL / SQL Azure. Our...

SQL

Read now

days ago.

Building ASP.NET Core 3.1 Apps To Organizational ...

Ken Dale

We’ve been working through upgrading our core applications from ASP.NET full framework to ASP.NET Core. Over the years we’ve assembled an...

.NET

Read now

days ago.

What Works and What Doesn't With ConfigurationMan...

Ken Dale

ConfigurationManager has long been used by .NET Framework developers prior to .NET Core to access things like app settings and connection...

.NET

Read now

days ago.

Regex Performance With and Without RegexOptions.C...

Ken Dale

We’ve had some internal discussion around the usage of RegexOptions.Compiled in .NET – how it works and when it’s appropriate to use it. ...

.NET

Read now

days ago.

Logging ASP.NET Web API 2 Failed Request Body to ...

Ken Dale

Debugging web applications can be difficult sometimes. When debugging a failed HTTP GET request in Application Insights you have all of t...

.NET

Read now

days ago.

Using forEach for IE 11

Andrew Rady

Supporting IE comes with challenges if you are using es6, and while babel helps greatly there is a few gotcheas. One of the main one is u...

JavaScript IE 11

Read now

days ago.

Understanding Dart Sass modules and namespaced va...

Kevin Hougasian

For a long time, we were dependent on the CSS frameworks of others – and we were quite happy. 😀 As our needs grew, we needed a framework...

Sass Dart Sass

Read now

days ago.

Autofac: Eager vs Lazy Construction During Regist...

Ken Dale

Autofac is an inversion of control container for .NET. It allows developers to register items and then later use those registrations to i...

.NET

Read now

days ago.

Writing a Browser Compatible Date Input

Jaime Jones

Working with dates can seem a little daunting sometimes. We need specific formatting, and hopefully we don’t have to deal with timezones ...

JavaScript Vue HTML

Read now

days ago.

Non Pro/Premier SendGrid Accounts May Have Issues...

Ken Dale

We recently started using SendGrid to send emails in production. As part of that, we noticed that emails to outlook.com, hotmail.com, msn...

SendGrid

Read now

days ago.

Vue 3 Composition API

Seth Kline

Have you found yourself getting lost in large Vue components that have multiple features? The Composition API is a new optional syntax in...

vue3 composition frontend development

Read now

days ago.

Upcoming Google Chrome SameSite Change Breaks Our...

Ken Dale

According to https://www.chromestatus.com/feature/5088147346030592 at the time of this blog post Chrome 80 is targeted to default cookies...

.NET

Read now

days ago.

A Case Of Newtonsoft.Json, TypeNameHandling.All, ...

Ken Dale

Our RimDev.FeatureFlags library uses Newtonsoft.Json as part of roundtripping the on/off state in SQL. With that we use TypeNameHandling....

.NET

Read now

days ago.

Ordering of static fields in C# matters

Bill Boga

I never thought ordering of relational static fields and properties in C# mattered. And, then, I started getting NREs on a property I kno...

Read now

days ago.

Avoiding a LINQ FirstOrDefault mishap

Bill Boga

.NET’s LINQ library has extension-methods that will return a default-value if not found in a collection. These are a great time-saver if ...

.NET LINQ

Read now

days ago.

Artifact Conference 2019

Seth Kline

How are we building our websites? Are they truly for everyone or if we ask ourselves honestly are they just for us? The way we currently ...

care performance UI/UX frontend development

Read now

Windows Azure, IdentityServer3, and Valid Issuers

Written by Khalid Abuhakmeh |Bill Boga |Ken Dale

This post is days old.

At Ritter Insurance Marketing, we utilize IdentityServer3 for our authentication mechanism. It has been almost a year of hosting in Windows Azure with great success. While it has been a positive experience, but there has been one frustrating issue. Unpredictably, our authentication system would break, leaving our applications inaccessible. We started noticing a specific exception in our error log when these events would occur:

System.IdentityModel.Tokens.SecurityTokenInvalidIssuerException

IDX10205: Issuer validation failed. Issuer: 'https://auth.ritterim.com/identity'.  \
Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: \
'https://auth.ritterim.com/, https://rim-auth-east.azurewebsites.net/identity'.

We have noticed that the Issuer url value being provided by an authentication request changes randomly in Windows Azure. The unknown bug causes our applications to break. While the change is random, the expected issuer urls are not. We have narrowed it down to these known variations.

https://{custom domain name}.com
https://{custom domain name}.com/identity
https://{azure app name}.azurewebsites.net
https://{azure app name}.azurewebsites.net/identity

To setup the valid issuers for IdentityServer3, we just use the APIs provided by the library.

app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
    // other settings...
    TokenValidationParameters = new TokenValidationParameters()
    {
        AuthenticationType = "Cookies",
        // a comma seperated list of urls
        ValidIssuers = config.ValidIssuers
    }
    // other settings...
});

We hope we’ve found all the variations, and for the last several weeks our authentication has become a lot more stable. I hope this helps anyone experiencing issues with IdentityServer3 and Windows Azure.

Published Jan 16, 2016 by

Director of Software Development (Former)

Senior Software Developer

Senior Application Developer

Security

Windows Azure

How to avoid NullReferenceException in C#

Getting Started Testing Vue Components

How ConveyUX Can Convey Good Ideas

Running Database Migrations On Web Application St...

Building ASP.NET Core 3.1 Apps To Organizational ...

What Works and What Doesn't With ConfigurationMan...

Regex Performance With and Without RegexOptions.C...

z-index Is Confusing, but It Doesn't Have to Be

Logging ASP.NET Web API 2 Failed Request Body to ...

Using forEach for IE 11

Understanding Dart Sass modules and namespaced va...

Autofac: Eager vs Lazy Construction During Regist...

Writing a Browser Compatible Date Input

Non Pro/Premier SendGrid Accounts May Have Issues...

Vue 3 Composition API

Upcoming Google Chrome SameSite Change Breaks Our...

A Case Of Newtonsoft.Json, TypeNameHandling.All, ...

Ordering of static fields in C# matters

Avoiding a LINQ FirstOrDefault mishap

Artifact Conference 2019

Windows Azure, IdentityServer3, and Valid Issuers

Comments

Windows Azure, IdentityServer3, and Valid Issuers

Deprecating Subdomains Effectively With Windows Azure and IIS

Secure Global Stuntman Users With Windows Azure Blob Storage

Considering Hangfire In Windows Azure Instead Of WebJobs

Deploying Jekyll to Windows Azure App Services

Comments