samples-blazor icon indicating copy to clipboard operation
samples-blazor copied to clipboard
verified publisher icon okta

Authentication Loop in IFrame

Open wlumetsberger opened this issue 4 years ago • 3 comments

If the Balzor-Seite is embedded in an IFrame (Microsoft Teams WebsiteTab) the Authentication ends up in a Loop. Teams uses also Federated Authentication with Okta. Using the Site Standalone the Authentication Works as aspect. AccountController is called -> Challange is Called -> Okta Login does appear OnTokenValidateEvent gets fired containing the authenticated Userprincipal in args.Identity image AccountController is called -> HttpContext.User is authenticated image

Using the same Site in a Team Websitetab the steps are the following: AccountController is called -> Challenge is Called -> no Okta Login appears (Token is already here) image OnTokenValidateEvent gets fired containing the authenticated Userprincipal image AccountController is called -> but now User is not authenticated! --> Loop image

This is the Configuration used: image

wlumetsberger avatar Dec 06 '21 07:12 wlumetsberger

Issue is also during use in a standard IFrame: image

wlumetsberger avatar Dec 06 '21 09:12 wlumetsberger

@wlumetsberger, Thanks for reaching out to report this! To help us reproduce and investigate the issue further can you share a project/solution that reproduces the issue as you describe? I have added an item for internal tracking for further review.

bryanapellanes-okta avatar Dec 06 '21 13:12 bryanapellanes-okta

@bryanapellanes-okta here is a link to the repo: https://github.com/wlumetsberger/okta-blazor-server-side-tests

wlumetsberger avatar Dec 06 '21 14:12 wlumetsberger