Note: After resolving the redirection issue I had another issue, that is, getting an error "Cannot cast Newtonsoft.Json.Linq.JArray to Newtonsoft.Json.Linq.JToken". So I
I had the same problem with having multiple roles. Here is the solution for it:
.AddOpenIdConnect("oidc", options =>
{
// ...
options.Scope.Add("roles");
// ... using MapJsonKey instead of MapUniqueJsonKey for having 2 or more roles
options.ClaimActions.MapJsonKey(claimType: "role", jsonKey: "role");
});
I could resolve this with the help of the Identity Server 4 folks. If anyone comes across this problem, here is the solution.
I missed adding "UseAuthentication" in Configure for the client MVC pipeline. So after adding that I was redirected as expected, and then I had another issue as shown below.
System.InvalidCastException: Cannot cast Newtonsoft.Json.Linq.JArray to Newtonsoft.Json.Linq.JToken.
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler1.d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter1.GetResult()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.<Invoke>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.<Invoke>d__7.MoveNext()
I'm getting this exception while connecting my application to IdentityServer4 with AzureAD as external authentication provider. My application is using Hybrid flow to connect to IdentityServer4. I get properly redirected to Azure, login, and code and id_tokens are properly issued. This exception is raised in my application when userInfo endpoint is invoked.
In order to resolve this I had to remove the claim which has the name twice.
I confirmed that AAD sends two name claims. Removing one of them resolved the problem.
// AAD sends the name claim twice; drop the first occurrence so only one
// name claim is passed on to the IdentityServer sign-in. The "?? throw"
// already guarantees namesClaim is non-null, so no separate null check is needed.
var namesClaim = externalUser.FindFirst(ClaimTypes.Name) ??
    throw new Exception("Unknown names");
claims.Remove(namesClaim);
Hope this may help someone.
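As an added example (not code from any of the answers above or from IdentityServer4 itself), the following helper generalises the two fixes on this page: claim types the client reads with the default single-value mapping are collapsed to their first occurrence before sign-in, so the userinfo response never serialises them as a JSON array, while multi-valued types such as role are left intact for MapJsonKey on the client. The class name, the SingleValued set and the placement in the external-login callback are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

public static class ExternalClaimsFilter
{
    // Claim types the client maps with MapUniqueJsonKey (one value expected).
    // "role" is deliberately absent: it may legitimately repeat and the client
    // maps it with MapJsonKey, which accepts an array. (Assumed list.)
    private static readonly HashSet<string> SingleValued = new HashSet<string>(StringComparer.Ordinal)
    {
        ClaimTypes.Name, "name",
        ClaimTypes.Email, "email",
        ClaimTypes.NameIdentifier, "sub"
    };

    // Keeps the first claim of each single-valued type and drops later duplicates
    // (e.g. the second "name" claim AAD sends); all other claims pass through.
    public static List<Claim> Collapse(IEnumerable<Claim> claims)
    {
        var seen = new HashSet<string>(StringComparer.Ordinal);
        var result = new List<Claim>();
        foreach (var claim in claims)
        {
            if (SingleValued.Contains(claim.Type) && !seen.Add(claim.Type))
                continue; // duplicate single-valued claim: drop it
            result.Add(claim);
        }
        return result;
    }

    // Constructed sample mirroring the page: two name claims, two role claims.
    public static void Demo()
    {
        var incoming = new[]
        {
            new Claim(ClaimTypes.Name, "alice"),
            new Claim(ClaimTypes.Name, "alice@example.test"),
            new Claim("role", "admin"),
            new Claim("role", "auditor"),
        };
        var filtered = Collapse(incoming);
        Console.WriteLine(filtered.Count(c => c.Type == ClaimTypes.Name)); // 1
        Console.WriteLine(filtered.Count(c => c.Type == "role"));          // 2
    }
}
```

In the IdentityServer4 quickstart's external callback this would replace the claims list with ExternalClaimsFilter.Collapse(externalUser.Claims) before the local sign-in; the client still needs MapJsonKey for "role" as the first answer shows.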