SSWConsulting
🐛🔥 Getting a 500 when logging with MS account
Cc: @matt-goldman / @gertmarx
Hi
Describe the Bug
Users (me included) having 500s when trying to log in with Microsoft account. It looks like it's only some accounts somehow (Hugo can log in fine for instance)
To Reproduce
Steps to reproduce the behavior:
- Go to the app
- Try to log in with Microsoft Account
Expected Behavior
Tasks
- [ ] Investigate
- [ ] Fix
Acceptance Criteria
- [ ] Meets Definition of Done - https://github.com/SSWConsulting/SSW.Rewards.Mobile/blob/main/_docs/Definition-of-Done.md
- [ ] ...
More Information
Environment
- Device: Android (latest)
Screenshots
Thanks!
hey @zacharykeeping - it didn't reappear after day 1... Could have been a side effect of another bug? Unsure.
Within the last 30 days there were 16 500 errors logged in Production SSW.IdentityServer. Some of them are for login with MS account.
Will investigate these further.
Figure: SSW.IdentityServer Production Application Insights - 500 errors within last 30 days
None of previously investigated errors occured on the first day of NDC Security.
However, a new error occurred once: "ReturnUrl is null or empty" on POST /Account/Register request.
Will add more telemetry to SSW.IdentityServer so we can get more details on these errors.
There was a 500 error for sign in with google. The following error message was logged:
'.AspNetCore.Correlation.CvaS1Y_6dNrvmybFu7STuVrJa8c6ksJ1RBH-q86l02g' cookie not found.
https://portal.azure.com/#view/AppInsightsExtension/DetailsV2Blade/ComponentId~/%7B%22SubscriptionId%22%3A%22b8b18dcf-d83b-47e2-9886-00c2e983629e%22%2C%22ResourceGroup%22%3A%22SSW.Identity%22%2C%22Name%22%3A%22appi-ssw-ident-production%22%2C%22LinkedApplicationType%22%3A0%2C%22ResourceId%22%3A%22%252Fsubscriptions%252Fb8b18dcf-d83b-47e2-9886-00c2e983629e%252FresourceGroups%252FSSW.Identity%252Fproviders%252FMicrosoft.Insights%252Fcomponents%252Fappi-ssw-ident-production%22%2C%22ResourceType%22%3A%22microsoft.insights%252Fcomponents%22%2C%22IsAzureFirst%22%3Afalse%7D/DataModel~/%7B%22eventId%22%3A%2247e6366e-d8af-11ef-b8e3-000d3aca80ff%22%2C%22timestamp%22%3A%222025-01-22T10%3A53%3A58.024Z%22%2C%22cacheId%22%3A%2208511a9c-5574-4b25-a64a-c3446fab5783%22%2C%22eventTable%22%3A%22requests%22%7D
There was a 500 error for sign in with Microsoft - the user declined to consent to access the app. This should be okay
https://identity.ssw.com.au/signin-microsoft?error=access_denied&error_subcode=cancel&state=CfDJ8BzDUbFV4JVFnXs4q4FKeXVC6R3HDVv2O6zlLS_5jDmjZVasX77C3cuwc_x-iJ61W1pt3aDVXUOQfDKYEK14tPYckxvwl13WrbU2dRGq6DtmIGzO_Tdaf78OFzox8JqMqu-wM0sPw4FPRYcroypX1mchEFVnL_242Qka1e5X0jPZvvQzXHo2mxlVxOHHZWnOHxQz5bvejBj6njsHD4NYxF-KMAhKPpUHu-3fi6lQxVvmjRSJ8FoTb09LrqZkj7fskr92kZ8e7jr3e6B_e8od6ypU22jYaj1HribhlBWF2ESHwWI_eXsIfY_Y4MB5I3lj1k-d09B9giGTUR2zXwVjl3Kea4L_Y1OCZfUEJGtiVegvIGfUTAqmo883plKjnkUClx7ijnllZh3QoH5UGyusGDaXgCkNU1uaFQ84kkoC2qM3VwF-CcVAvgGXsggPQ1dD1_CYXiC1guNrmyBUIMJ2kSy4qQ1VBFhslYFsMOsBxjK__UInbAyoL_4f30AZZms-p1cNeMRFuY2zFRoDgQw6Mjb3zu3Z3x4ECO77wPR3MXbzXavb5_at1XWIbReeuV2i8mrfTu_AOwszS2-wEA7DWJyKMCX_ATHCey2g3LVLLPJA6Zhw0BdmGpSQ29ZRliK2j9mqFqnFS4Ly7rPyxqwp7pLVhBlgtRtRSWVIDCASR2F3KsgUBnKMUKRCoIIWu-8Z-XLsP6SPSNhu_JbWyKpp9NCrB-_Q-7pFfg81MrfvBFzb1aYsZvMHrf0g5EHWKVgn8g&error_description=AADSTS65004%3a+User+declined+to+consent+to+access+the+app.
Closing this issue since it does not seem to occur anymore.
Recently this issue was occuring again, causing login with microsoft account to fail each time with 500 error. It was fixed by rotating secrets as per https://github.com/SSWConsulting/SSW.IdentityServer/blob/main/_docs/Technologies-and-Architecture.md#rotating-secrets