OpenIddict The token request was rejected because the authorization code or the refresh token was invalid












0















I have an ASP.NET Core 2.1 Angular 6 application hosted on an IIS server. I am having issues with my refresh token being invalid. I have an IIS ARR Round Robin cluster. Everything works when only one server is online. However when multiple servers are online, my refresh token is only valid when requests are made to the server that issued the token.



Iv addeded this to my startup.cs with no success



 app.UseForwardedHeaders(new ForwardedHeadersOptions

            {

                ForwardedHeaders = ForwardedHeaders.All

            });



            string XForwardedPathBase = "X-Forwarded-PathBase";

            string XForwardedProto = "X-Forwarded-Proto";



            app.Use((context, next) =>

            {

                if (context.Request.Headers.TryGetValue(XForwardedPathBase, out StringValues pathBase))

                {

                    context.Request.PathBase = new PathString(pathBase);



                }



                if (context.Request.Headers.TryGetValue(XForwardedProto, out StringValues proto))

                {

                    context.Request.Protocol = proto;

                }



                return next();

            });





angular6 iis-8 asp.net-core-2.1 round-robin web-farm-framework







share|improve this question























  • I removed above code from the startup.cs file.

    – Jd Savage
    Nov 20 '18 at 20:02
















0















I have an ASP.NET Core 2.1 Angular 6 application hosted on an IIS server. I am having issues with my refresh token being invalid. I have an IIS ARR Round Robin cluster. Everything works when only one server is online. However when multiple servers are online, my refresh token is only valid when requests are made to the server that issued the token.



Iv addeded this to my startup.cs with no success



 app.UseForwardedHeaders(new ForwardedHeadersOptions

            {

                ForwardedHeaders = ForwardedHeaders.All

            });



            string XForwardedPathBase = "X-Forwarded-PathBase";

            string XForwardedProto = "X-Forwarded-Proto";



            app.Use((context, next) =>

            {

                if (context.Request.Headers.TryGetValue(XForwardedPathBase, out StringValues pathBase))

                {

                    context.Request.PathBase = new PathString(pathBase);



                }



                if (context.Request.Headers.TryGetValue(XForwardedProto, out StringValues proto))

                {

                    context.Request.Protocol = proto;

                }



                return next();

            });





angular6 iis-8 asp.net-core-2.1 round-robin web-farm-framework







share|improve this question























  • I removed above code from the startup.cs file.

    – Jd Savage
    Nov 20 '18 at 20:02














0












0








0








I have an ASP.NET Core 2.1 Angular 6 application hosted on an IIS server. I am having issues with my refresh token being invalid. I have an IIS ARR Round Robin cluster. Everything works when only one server is online. However when multiple servers are online, my refresh token is only valid when requests are made to the server that issued the token.



Iv addeded this to my startup.cs with no success



 app.UseForwardedHeaders(new ForwardedHeadersOptions

            {

                ForwardedHeaders = ForwardedHeaders.All

            });



            string XForwardedPathBase = "X-Forwarded-PathBase";

            string XForwardedProto = "X-Forwarded-Proto";



            app.Use((context, next) =>

            {

                if (context.Request.Headers.TryGetValue(XForwardedPathBase, out StringValues pathBase))

                {

                    context.Request.PathBase = new PathString(pathBase);



                }



                if (context.Request.Headers.TryGetValue(XForwardedProto, out StringValues proto))

                {

                    context.Request.Protocol = proto;

                }



                return next();

            });





angular6 iis-8 asp.net-core-2.1 round-robin web-farm-framework







share|improve this question














I have an ASP.NET Core 2.1 Angular 6 application hosted on an IIS server. I am having issues with my refresh token being invalid. I have an IIS ARR Round Robin cluster. Everything works when only one server is online. However when multiple servers are online, my refresh token is only valid when requests are made to the server that issued the token.



Iv addeded this to my startup.cs with no success



 app.UseForwardedHeaders(new ForwardedHeadersOptions

            {

                ForwardedHeaders = ForwardedHeaders.All

            });



            string XForwardedPathBase = "X-Forwarded-PathBase";

            string XForwardedProto = "X-Forwarded-Proto";



            app.Use((context, next) =>

            {

                if (context.Request.Headers.TryGetValue(XForwardedPathBase, out StringValues pathBase))

                {

                    context.Request.PathBase = new PathString(pathBase);



                }



                if (context.Request.Headers.TryGetValue(XForwardedProto, out StringValues proto))

                {

                    context.Request.Protocol = proto;

                }



                return next();

            });





angular6 iis-8 asp.net-core-2.1 round-robin web-farm-framework




angular6 iis-8 asp.net-core-2.1 round-robin web-farm-framework






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 15 '18 at 15:38









Jd SavageJd Savage

67




67













  • I removed above code from the startup.cs file.

    – Jd Savage
    Nov 20 '18 at 20:02



















  • I removed above code from the startup.cs file.

    – Jd Savage
    Nov 20 '18 at 20:02

















I removed above code from the startup.cs file.

– Jd Savage
Nov 20 '18 at 20:02





I removed above code from the startup.cs file.

– Jd Savage
Nov 20 '18 at 20:02












1 Answer
1






active

oldest

votes


















0














The problem was that the keys were being stored on the local machine by default. In a web farm you need to save it somewhere each host can access it. I added this to my startup.cs and its working. Not sure why but there is no option to store the key in a sql server. 



 services.AddDataProtection()

      .PersistKeysToFileSystem(new DirectoryInfo(@"\serverpath"));


https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-2.1






share|improve this answer























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53322915%2fopeniddict-the-token-request-was-rejected-because-the-authorization-code-or-the%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    The problem was that the keys were being stored on the local machine by default. In a web farm you need to save it somewhere each host can access it. I added this to my startup.cs and its working. Not sure why but there is no option to store the key in a sql server. 



     services.AddDataProtection()
    
      .PersistKeysToFileSystem(new DirectoryInfo(@"\serverpath"));


    https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-2.1






    share|improve this answer




























      0














      The problem was that the keys were being stored on the local machine by default. In a web farm you need to save it somewhere each host can access it. I added this to my startup.cs and its working. Not sure why but there is no option to store the key in a sql server. 



       services.AddDataProtection()
      
      .PersistKeysToFileSystem(new DirectoryInfo(@"\serverpath"));


      https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-2.1






      share|improve this answer


























        0












        0








        0







        The problem was that the keys were being stored on the local machine by default. In a web farm you need to save it somewhere each host can access it. I added this to my startup.cs and its working. Not sure why but there is no option to store the key in a sql server. 



         services.AddDataProtection()
        
      .PersistKeysToFileSystem(new DirectoryInfo(@"\serverpath"));


        https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-2.1






        share|improve this answer













        The problem was that the keys were being stored on the local machine by default. In a web farm you need to save it somewhere each host can access it. I added this to my startup.cs and its working. Not sure why but there is no option to store the key in a sql server. 



         services.AddDataProtection()
        
      .PersistKeysToFileSystem(new DirectoryInfo(@"\serverpath"));


        https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-2.1







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 20 '18 at 20:02









        Jd SavageJd Savage

        67




        67
































            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53322915%2fopeniddict-the-token-request-was-rejected-because-the-authorization-code-or-the%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Bressuire

            Image
            Subprefecture and commune in Nouvelle-Aquitaine, France Bressuire Subprefecture and commune Chateau de Bressuire and the Eglise Notre-Dame Coat of arms Location of Bressuire Bressuire Show map of France Bressuire Show map of Nouvelle-Aquitaine Coordinates: 46°50′27″N 0°29′14″W  /  46.8408°N 0.4872°W  / 46.8408; -0.4872 Coordinates: 46°50′27″N 0°29′14″W  /  46.8408°N 0.4872°W  / 46.8408; -0.4872 Country France Region Nouvelle-Aquitaine Department Deux-Sèvres Arrondissement Bressuire Canton Bressuire Government  • Mayor .mw-parser-output .nobold{font-weight:normal} (2014–20) Jean Michel Bernier Area 1 180.59 km 2 (69.73 sq mi) Population (2014) 2 19,300  • Density 110/km 2 (280/sq mi) Time zone UTC+01:00 (CET)  • Summer (DST) UTC+02:00 (CEST) INSEE/Postal code 79049 /79300 Elevation 98–236 m (322–774 ft) (avg. 173 m or 568 ft) 1 French Land Register data, which exclude
            Read more

            Vorschmack

            Image
            Vorschmack Ukrainian Jewish-style vorschmack served on rye bread Course Hors d'oeuvre Region or state Eastern Europe Associated national cuisine Ashkenazi Jewish, Finnish, German, Ukrainian, Polish, Russian Main ingredients Ground meat and/or fish Cookbook: Vorschmack   Media: Vorschmack Vorschmack or forshmak (Yiddish: פֿאָרשמאַק ‎, from archaic German Vorschmack , "foretaste" [1] or "appetizer" [2] ) is an originally East European dish made of salty minced fish or meat. Different variants of this dish are especially common in Ashkenazi Jewish and Finnish cuisine. Some varieties are also known in Russian and Polish cuisine. Contents 1 In Jewish cuisine 2 In Russian cuisine 3 In Polish cuisine 4 In Finnish cuisine 5 See also 6 References In Jewish cuisine According to Gil Marks, the German name points to the possible Germanic origin of this dish. [1] William Pokhlyobkin descr
            Read more

            Quarantine

            Image
            For other uses, see Quarantine (disambiguation). Signal flag "Lima" called the "Yellow Jack" which when flown in harbor means ship is under quarantine. A simple yellow flag (also called the "Yellow Jack") had historically been used to signal quarantine (it stands for Q among signal flags), but now indicates the opposite, as a signal of a ship free of disease that requests boarding and inspection. A quarantine is used to separate and restrict the movement of people; it is 'a restraint upon the activities or communication of persons or the transport of goods designed to prevent the spread of disease or pests', for a certain period of time. [1] This is often used in connection to disease and illness, such as those who may possibly have been exposed to a communicable disease. [2] The term is often erroneously used to mean medical isolation, which is "to separate ill persons who have a communicable disease from those who are healthy
            Read more