Feature flags can be useful for changing the runtime behavior of an application with minimal impact. Having a UI to toggle the feature fl...
.NET asp.net coreWhat is a machine key? According to https://docs.microsoft.com/en-us/dotnet/api/system.web.security.machinekey?view=netframework-4.7.2 a...
.NET asp.netWe’re in the process of upgrading our infrastructure to run our Azure Web Apps in multiple datacenter locations behind Azure Traffic Mana...
.NET asp.net asp.net coreIt can be tricky to run integration tests targeting a web server using the command line. Essentially, we need to: Start the applicati...
JavaScript npmI was trying to get a global .NET Core tool working on my development machine, which just so happens to be running macOS. I also work wit...
.NET macOSWe’ve moved around CSS frameworks in the past few years, Semantic UI for our application layer, and Bootstrap for our static sites. As ou...
SASSNew to the frontend at RIMdev, or looking for more about our Frontend team? Here’s a quick overview of our team, tools, and culture! As ...
Team RIMdev FrontendSimple transitions Vue.js has an extremely helpful was to handle animations in web apps. In a simple example if we want to display somet...
Vue.js JavaScript AnimationsAs web applications have gotten more complex, so has the technologies used to build them. Magic can be good when all works as intended, b...
Webpack JavascriptWe’re in the process of scaffolding out our Microsoft Azure environments using Terraform. We’re looking at deploying consistently from ma...
Azure TerraformRequirement ASP.NET Core 2.2 or 3.0 Why can’t I do this in earlier versions? Read ASP.NET Core 2.2 First Look – Endpoint Routing ...
ASP.NET Core Routing MiddlewareHealth checks in ASP.NET Core are useful for reporting the health of your ASP.NET Core web application. But, this functionality can’t dir...
.NETAs I’ve walked through upgrading a number of solutions to target a new version of the .NET Framework, I’ve compiled a list of helpful ste...
.NETWhat is WSL? Windows Subsytsem for Linux (aka WSL) is an excellent tool for running Linux-based binaries natively in Windows. With the i...
WSL git ASP.NET MVCIn development it is common to not want to share everything in our code. Things like usernames, password, links to an api, and more shoul...
Vue.js JavaScript WebpackIn Vue computed properties are a life saver when it comes to being able to add logic to data that we need to use in the UI. We want to ke...
Vue.js JavaScriptUpdated Solution! Thanks for the post!If you don't want to create a web.config, you can also drive this through the <AspNetCoreHo...
asp.net asp.net coreI, Khalid Abuhakmeh, recently wrote about my [Razor Pages first impressions][khalid] and am mostly positive about the addition to the ASP...
asp.net asp.net core razorWe’re in the process of scaffolding out our Microsoft Azure environments using Terraform. While Terraform does an excellent job creating ...
Terraform OSSTL;DR Explicitly using SqlBulkCopy might never cause this problem since mapping is done manually, but NPoco’s usage does automatic map...
NPoco SqlBulkCopyAt Ritter Insurance Marketing, we utilize IdentityServer3 for our authentication mechanism. It has been almost a year of hosting in Windows Azure with great success. While it has been a positive experience, but there has been one frustrating issue. Unpredictably, our authentication system would break, leaving our applications inaccessible. We started noticing a specific exception in our error log when these events would occur:
System.IdentityModel.Tokens.SecurityTokenInvalidIssuerException
IDX10205: Issuer validation failed. Issuer: 'https://auth.ritterim.com/identity'. \
Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: \
'https://auth.ritterim.com/, https://rim-auth-east.azurewebsites.net/identity'.
We have noticed that the Issuer url value being provided by an authentication request changes randomly in Windows Azure. The unknown bug causes our applications to break. While the change is random, the expected issuer urls are not. We have narrowed it down to these known variations.
https://{custom domain name}.comhttps://{custom domain name}.com/identityhttps://{azure app name}.azurewebsites.nethttps://{azure app name}.azurewebsites.net/identityTo setup the valid issuers for IdentityServer3, we just use the APIs provided by the library.
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
// other settings...
TokenValidationParameters = new TokenValidationParameters()
{
AuthenticationType = "Cookies",
// a comma seperated list of urls
ValidIssuers = config.ValidIssuers
}
// other settings...
});
We hope we’ve found all the variations, and for the last several weeks our authentication has become a lot more stable. I hope this helps anyone experiencing issues with IdentityServer3 and Windows Azure.
