Identity server registration doesn't redirect back to React app

All we need is an easy explanation of the problem, so here it is.

I have an ASP.NET Core backend with a React frontend hosted in different origins.

The ASP.NET core backend is configured to use the inbuilt identity server:

// Startup
public void ConfigureServices(IServiceCollection services)
{
  ...
  services.AddIdentityServer()
    .AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
  ...
}

I have added the OidcConfigurationController that the identity server expects:

public class OidcConfigurationController : Controller
{
    public OidcConfigurationController(IClientRequestParametersProvider clientRequestParametersProvider)
    {
        ClientRequestParametersProvider = clientRequestParametersProvider;
    }

    public IClientRequestParametersProvider ClientRequestParametersProvider { get; }

    [HttpGet("_configuration/{clientId}")]
    public IActionResult GetClientRequestParameters([FromRoute]string clientId)
    {
        var parameters = ClientRequestParametersProvider.GetClientParameters(HttpContext, clientId);
        return Ok(parameters);
    }
}

I have also added the following settings in appsettings.json that the identity server reads:

...
"IdentityServer": {
  "Clients": {
    "WebApplication1": {
      "Profile": "SPA",
      "RedirectUri": "http://localhost:3000/authentication/login-callback",
      "LogoutUri": "http://localhost:3000/authentication/logout-callback"
    }
  }
},
...

The React app is hosted at http://localhost:3000 and uses oidc-client to interact with the ASP.NET Core server. The frontend code appears to correctly request a sign in passing the correct return url:

enter image description here

The ASP.NET Core authentication pages are successfully shown:

enter image description here

But if you post a new registration, ASP.NET Core redirects to its root rather than http://localhost:3000:

enter image description here

Is there anything I’ve missed or does the inbuilt ASP.NET identity only work if the client is hosted in the same origin?

Any help appreciated.

How to solve :

I know you bored from this bug, So we are here to help you! Take a deep breath and look at the explanation of your problem. We have many solutions to this problem, But we recommend you to use the first method because it is tested & true method that will 100% work for you.

Method 1

You just miss your return url during roundtrip to Account/Register. That has nothing to do with origins. Check with a pure signin — that should work out of the box.

New account registration is not what Identityserver is responsible for. You have to handle that yourself. You need to pass through your return url each time you redirect, starting from the “Register” button on your login form and ending at your [HttpPost]Register action. Most likely you would like to keep that url even when you user cancels the registration in the middle and decides to signin with an existing account.

See this question/answer for the reference.

Note: Use and implement method 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply