0

This issue does not exist when the app is deployed to Azure App Service only AWS Beanstalk and Google App Engine.

When I deploy my application to the cloud host that has Okta Authentication implemented and configured , I got the following error message after logging in with Okta right when the redirect URI is called. I have http://<my-application-url>/authorization-code/callback in the address bar.

I'm using only command line tools (Azure CLI, Google Cloud SDK, .NET Core SDK) on Mac OSX.

Reproducible with the Okta sample application: https://github.com/okta/samples-aspnetcore/tree/master/samples-aspnetcore-3x/okta-hosted-login

Repro steps:

  1. Run dotnet publish.
  2. Create a .zip archive from the output and upload using AWS Beanstalk manual upload to .NET Core running on 64bit Amazon Linux 2/2.0.2 platform.

OR

  1. Deploy to Google Cloud App Service using gcloud app deploy command.

In both cases after clicking Log in in the application and signing in with Okta the following error occurs.

Exception:

    System.Exception: Correlation failed.

    System.Exception: An error was encountered while handling the remote login.
 ---> System.Exception: Correlation failed.
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

Startup.cs: https://github.com/okta/samples-aspnetcore/blob/master/samples-aspnetcore-3x/okta-hosted-login/okta-aspnetcore-mvc-example/Startup.cs

Program.cs: https://github.com/okta/samples-aspnetcore/blob/master/samples-aspnetcore-3x/okta-hosted-login/okta-aspnetcore-mvc-example/Program.cs

Okta configuration: enter image description here

sige
  • 61
  • 2
  • 8
  • Possibly related: https://stackoverflow.com/questions/50262561 – Jon Skeet Sep 17 '20 at 13:46
  • Tried with deployment package built on Windows, the issue still persists. – sige Sep 17 '20 at 15:55
  • Tried setting up the AWS environment to be a single instance. No luck. – sige Sep 17 '20 at 15:56
  • Do you believe a certain part of the Google Platform is causing this? – MrTech Sep 17 '20 at 21:59
  • Not sure, because the same error thrown on Google Cloud App Service. Only works on Azure. – sige Sep 21 '20 at 09:52
  • In the meanwhile I tried adding a custom domain with a valid SSL cert instead of using the default address given by the cloud provider. Same exception. – sige Sep 21 '20 at 10:01
  • New interesting development: I tried by accident on Safari browser. And Seems like the Google Cloud deployment works perfectly logging in with Okta. However the AWS deployment returns: `502 Bad Gateway` - nginx/1.18.0 - after redirecting to `http:///authorization-code/callback` – sige Sep 21 '20 at 10:06
  • Checked with Mozilla Firefox, the issue is the same as with Safari. – sige Sep 21 '20 at 10:14
  • Also something strange: After the successful login with Okta I get redirected to: http:// instead of https://. I have both enabled within the Okta control panel and are whitelisted, still it is odd. I'm wondering which component is responsible for setting the redirect URI. Most likely the Okta service or the Okta Sdk in my app. There may be a way to enforce https. – sige Sep 21 '20 at 10:18
  • Okta is offering support. You may contact them here: https://www.okta.com/services/success-and-support/ At this point, I'm thinking that this is not related to GCP. – MrTech Sep 22 '20 at 19:27

0 Answers0