This post was originaly posted on Thinktecture.IdentityServer3 bug tracker.
Guys said it's microsoft issue. Seems like even if nonce...
Id #408 | Release:
| Updated: Mon at 12:45 PM by balbelias | Created: Fri at 2:23 PM by balbelias
In Nuget Manager, I recently upgraded all Owin packages:
Microsoft.Owin : 220.127.116.11 to 18.104.22.168
Microsoft.Owin.Security 22.214.171.124 to 126.96.36.199
Id #407 | Release:
| Updated: May 14 at 6:45 PM by cjrogala | Created: May 14 at 6:45 PM by cjrogala
OwinHost starts up and then waits for enter to be pressed. On Linux/mono, when running as a daemon, a call to ReadLine() returns EOF immediately, causing OwinHost to exit prematurely.
Id #405 | Release:
| Updated: Apr 16 at 5:22 PM by swish014 | Created: Apr 16 at 5:19 PM by swish014
OpenIdConnectAuthenticationHandler.CurrentUri merely takes the URI of the OWIN request and disregards the value of the "X-Forwarded-Proto" header. Thus if the application is behind a load balancer ...
Id #404 | Release:
| Updated: Apr 14 at 5:28 PM by omidkrad | Created: Apr 14 at 5:43 AM by rasmusnu
I have a OWIN Web API (IIS hosted) secured with OAuth2 JWT tokens. The authentication options are configured like this :
var options = new JwtBearerAuthenticationOptions
Id #403 | Release:
| Updated: Mar 11 at 7:32 PM by ultraman69 | Created: Mar 11 at 6:57 PM by ultraman69
In v3.0.1, the following issue was fixed:
OpenIdConnect nonces need a unique cookie name
For each authentication request, a unique nonce cookie is now created. Even though these are Session ba...
Id #402 | Release:
| Updated: Mar 9 at 2:28 PM by yuyuki | Created: Mar 5 at 10:31 AM by loctanvo
Per rfc6749 you should be able to specify the http status code in an OAuth error situation. There appears to be no way to accomplish this as you are hard coding the response at https://katanaproje...
Id #401 | Release:
| Updated: Mar 2 at 6:55 PM by MotoWilliams | Created: Mar 2 at 6:55 PM by MotoWilliams
The cookie values as returned by OwinRequest.Cookies are urldecoded, this is not correct. The HTTP specifications do not state that values in the HTTP Cookie header are to be transmitted urlencoded...
Id #399 | Release:
| Updated: May 18 at 4:43 AM by rdrawsky | Created: Feb 23 at 3:22 PM by wdb
This is related to my discussion in here. When an exception occurs in the OpenIdConnectAuthenticationHandler it is written to (trace) logs using the line:
_logger.WriteError("Exception occurred wh...
Id #398 | Release:
| Updated: Feb 16 at 8:50 AM by htuomola | Created: Feb 16 at 8:50 AM by htuomola
Little puzzling this one as I cant see any reference to enterpriselibrary.common within the owin dependencies so apologies if I have this incorrect.
I have another object within my application th...
Id #397 | Release:
| Updated: Feb 16 at 8:57 AM by ajVersed | Created: Feb 13 at 3:27 PM by ajVersed