Skip to content

Update .NET 6 known-issues.md #7545

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 1, 2022
Merged

Update .NET 6 known-issues.md #7545

merged 3 commits into from
Jul 1, 2022

Conversation

Rick-Anderson
Copy link
Contributor

@Rick-Anderson Rick-Anderson commented Jun 16, 2022
edited
Loading

Fixes dotnet/aspnetcore#42072

@Ogglas can you help me document this problem. Please review what I have and suggest new text.

Rick-Anderson
Rick-Anderson commented Jun 16, 2022
View reviewed changes
@Rick-Anderson Rick-Anderson changed the title Update known-issues.md Update .NET 6 known-issues.md Jun 16, 2022
Ogglas
Ogglas reviewed Jun 17, 2022
View reviewed changes
release-notes/6.0/known-issues.md Outdated
@@ -59,6 +59,38 @@ The first time SPA apps are run, the authority for the spa proxy might be incorr

When using localdb (default when creating projects in VS), the normal database apply migrations error page will not be displayed correctly due to the spa proxy. This will result in errors when going to the fetch data page. Apply the migrations via 'dotnet ef database update' to create the database.

### SPA template issues with Individual authentication when running in production

<!-- Statement of problem here. Initially you say but then say Tested with `Always on = true` for Azure App Service and the error actually occurred more frequently. So if it's not the app shutting down and restarting, what causes the error? Something like SPA apps on Azure that (conditions that cause the problem) return the following error `WWW-Authenticate: Bearer error="invalid_token", error_description="The issuer 'https://MyDomain.com' is invalid"`. If the app is accessed from the Azure DNS (MyDomain.azurewebsites.net), authenticaion is successful. Subsequent requests to `https://MyDomain.com` succeed until (??? the app is restarted??? but not according to always on = true). After stopping and starting the app, authenticaion succeeds.
Copy link

@Ogglas Ogglas Jun 17, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SPA template issues with Individual authentication when running in production

Applications based on SPA template with Individual authentication that requires login for every page and is hosted as an Azure App Service on your own domain like https://MyDomain.com can receive the following error:

WWW-Authenticate: Bearer error="invalid_token", error_description="The issuer 'https://MyDomain.com' is invalid"

Probably related to Azure DNS (MyDomain.azurewebsites.net) but this has not been verified. It will probably occur more frequently with Always on set to true for the Azure App Service but it can happen with Always on set to false as well.

To prevent this problem without having to stop and restart the app when the error occurs:

  1. Add a new app setting which contains the target DNS address. For example, create IdentityServer:IssuerUri with value https://MyDomain.com/
  2. Add the following code to the app (settings is a class mapped to app setting):
if (!string.IsNullOrEmpty(settings.IdentityServer.IssuerUri))
{
    builder.Services.Configure<JwtBearerOptions>(IdentityServerJwtConstants.IdentityServerJwtBearerScheme, o => o.Authority = settings.IdentityServer.IssuerUri);
}

below this code:

builder.Services.AddAuthentication()
    .AddIdentityServerJwt();

Then modify AddIdentityServer like this:

builder.Services.AddIdentityServer(options =>
                {
                    //Used until https://github.com/dotnet/aspnetcore/issues/42072 is fixed
                    if (!string.IsNullOrEmpty(settings.IdentityServer.IssuerUri))
                    {
                        options.IssuerUri = settings.IdentityServer.IssuerUri;
                    }
                })
    .AddApiAuthorization<ApplicationUser, ApplicationDbContext>();

For more information, see this GitHub issue

Ogglas
Ogglas reviewed Jun 17, 2022
View reviewed changes
@Rick-Anderson Rick-Anderson requested a review from HaoK June 20, 2022 23:11
@Rick-Anderson Rick-Anderson marked this pull request as ready for review June 20, 2022 23:12
@Rick-Anderson Rick-Anderson merged commit 5db1a11 into main Jul 1, 2022
@Rick-Anderson Rick-Anderson deleted the Rick-Anderson-patch-1 branch July 1, 2022 00:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Ogglas Ogglas Ogglas left review comments

@HaoK HaoK HaoK approved these changes

@rbhanda rbhanda Awaiting requested review from rbhanda rbhanda is a code owner

@leecow leecow Awaiting requested review from leecow leecow is a code owner

@dcwhittaker dcwhittaker Awaiting requested review from dcwhittaker

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SPA template issues with Individual authentication when running in production
3 participants
@Rick-Anderson @Ogglas @HaoK