I am working in one of the applications running on .NET Framework 4.6.1, where I am trying to get dns name (on server) and on local, both having 'https' protocols.
Locally I am accessing my application with https://localost:44301/ however request object is showing me http://127.0.0.1
On Server I am accessing with https://dns.com/ however logs are showing me http://127.0.0.1 - running instances behind ALB.
Code:
var host = System.Web.HttpContext.Current.Request.Url;
I am calling this on Startup.cs class.
I see my browser has and showing https://localhost:44301, however code is showing http://127.0.0.1 as mentioned above.
My code is running on .NET Framework 4.6.1 and unable to find anything more with HttpRequest object.
Question - How can I get correct DNS name or localhost:44301 from request object or using some other mechanism.
Related
I am new to Next JS, I'm experiencing this error right after I created my first app and run it from the terminal. I haven't declared next/router in vs code, did not change or add files to my project.
I tried to restart the server, but the error message remains.
Error: No router instance found.
You should only use "next/router" on the client-side of your app.
This error is due to your Reactjs web application URL & your API URL are not having same origins (not running on same port or same hosts or same schemes).
Two URLs have the same origin if they have identical schemes, hosts, and ports.
EX: Your web application URL http://192.168.3.143:4040 is different from your React web application URL.
Therefore you need to try any of the following solutions:
Your web application & API application should have the same schemes, hosts, and ports
OR
You need to enable CORS in your API, for your web URL which is different than your API URL.
My IdentityServer4 instance returns deformed schema for the urls in the reponse of the well-known configs. Here is the response that I get from
http://www.server.meetcorepoint.com/.well-known/openid-configuration
{"issuer":"http://\\www.server.meetcorepoint.com","jwks_uri":"http://\\www.server.meetcorepoint.com/.well-known/openid-configuration/jwks","authorization_endpoint":"http://\\www.server.meetcorepoint.com/connect/authorize","token_endpoint":"http://\\www.server.meetcorepoint.com/connect/token","userinfo_endpoint":"http://\\www.server.meetcorepoint.com/connect/userinfo","end_session_endpoint":"http://\\www.server.meetcorepoint.com/connect/endsession","check_session_iframe":"http://\\www.server.meetcorepoint.com/connect/checksession","revocation_endpoint":"http://\\www.server.meetcorepoint.com/connect/revocation","introspection_endpoint":"http://\\www.server.meetcorepoint.com/connect/introspect","frontchannel_logout_supported":true,"frontchannel_logout_session_supported":true,"backchannel_logout_supported":true,"backchannel_logout_session_supported":true,"scopes_supported":["openid","profile","api1","offline_access"],"claims_supported":["sub","name","family_name","given_name","middle_name","nickname","preferred_username","profile","picture","website","gender","birthdate","zoneinfo","locale","updated_at"],"grant_types_supported":["authorization_code","client_credentials","refresh_token","implicit","password"],"response_types_supported":["code","token","id_token","id_token token","code id_token","code token","code id_token token"],"response_modes_supported":["form_post","query","fragment"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"code_challenge_methods_supported":["plain","S256"]}
Here is the mvc client http://www.mvc.meetcorepoint.com and when I click to authenticate with the idsr4 the client throws exception Unable to parse host name and fails to do authentication because it can't parse the urls.
Note the \\ appended to the schema in each url of the response. All urls are invalid. Both the idsr4 and the mvc client are hosted on Amazon Linux. The two projects that I use are both from the official sample projects on GitHub https://github.com/IdentityServer/IdentityServer4.Samples/tree/release/Quickstarts/5_HybridFlowAuthenticationWithApiAccess
I am using version 2.0.4 of dotnet core.
On localhost the idsr4 works as expected and returns the appropriate response without additional double backslashes.
What is causing the wrong url schemas and how to fix this ? Feel free to test the identity server yourself on the live servers.
I have developed an application that allows MSA (Microsoft Account) authentication. I have registered my app here: https://apps.dev.microsoft.com.
When testing my app locally, I can access my app with no problem at my SSL URL of https://localhost:44300, and MSA works fine. When I registered my app, I used https://localhost:44300/signin-microsoft as the Redirect URI.
Problem: I can also access my app at https://127.0.0.1:44300, as one would expect. However, MSA here doesn't work. The error page says, We're unable to complete your request.
Microsoft account is experiencing technical problems. Please try again later. And the URL of the error page reveals that the error is with a mismatch in the Redirect URI: https://login.live.com/err.srf?lc=1033#error=invalid_request&error_description=The+provided+value+for+the+input+parameter+'redirect_uri'+is+not+valid.+The+expected+value+is+'https://login.live.com/oauth20_desktop.srf'+or+a+URL+which+matches+the+redirect+URI+registered+for+this+client+application.
In the Microsoft Apps page, when I try to update the Redirect URI from https://localhost:44300/signin-microsoft to https://127.0.0.1:44300/signin-microsoft, it doesn't allow me to save my change and it shows me this error: Your URL can't contain a query string or invalid special characters, and it provides a 'Learn More' link: https://learn.microsoft.com/en-us/azure/active-directory/active-directory-v2-limitations#restrictions-on-redirect-uris
After reading the info in this link, I see nowhere that a URI like mine (https://127.0.0.1:44300/signin-microsoft) would be an unacceptable URL, as I'm not breaking any of their rules: I have no invalid characters, no query strings, etc.
My research: Looking online, people are getting the Your URL can't contain a query string or invalid special characters because they are actually using a query string or invalid special characters, such as in this link: https://social.msdn.microsoft.com/Forums/en-US/4f638860-ea57-4f0e-85e0-b28e1e357fe2/office-365-app-authorization-redirect-uri-issue?forum=WindowsAzureAD. I couldn't find a case where someone has entered a valid URI and they weren't allowed to save it.
Why I need 127.0.0.1 to work: I need to expose this website, which is running on my local box. In order to have the website running without having an instance of Visual Studio opened all the time, I'm using csrun to host my website in Azure local fabric (by the way, my app is an Azure Cloud Service, with a ASP.NET MVC 5 app as a web role). I followed this instruction for csrun: http://www.bardev.com/2013/03/12/how-to-deploy-application-to-windows-azure-compute-emulator-with-csrun/. Using csrun, it allowed me to host my website in https://127.0.0.1:444 (but, as with https://127.0.0.1:44300, MSA doesn't work). My end goal is to expose this website with a public URL using ngrok (https://www.sitepoint.com/use-ngrok-test-local-site/), so that anyone can access my site.
Therefore, my main question is: how can I have the Redirect URI be https://127.0.0.1:44300/signin-microsoft instead of https://localhost:44300/signin-microsoft?
Make sure you access this portal through https://identity.microsoft.com as this is the only way the steps below will work.
You can get around this error right now by adding the reply URL through the manifest. Login to the portal, select the app you want to configure, and scroll down and hit the Edit Application Manifest button. Then you can add your https://127.0.0.1:44300/ to the replyUrls field.
There's some funny behavior that will only allow this right now if you only register other localhost reply Urls. If this is the only reply URL you need then it shouldn't be a problem.
I have an IIS-hosted, WCF web service deployed on a UAT web server. In IIS, I have site bindings on this same web service--one for internal access (Ex: uat-nodotsinternalonly) and one for external access (Ex: mysvc.uat.mydomain.com).
When I use SoapUI to test against the internal host name (http://uat-nodotsinternalonly/MyService.svc), it calls the service and returns the response envelope as expected.
When I use SoapUI to test against the external host name (https://mysvc.uat.mydomain.com/MyService.svc), it calls the service and returns the WSDL HTML as would be seen in the web browser instead of the response envelope as expected.
We need to expose past our firewall for testing with a vendor. Our external client can browse to our web service using the external host name and receive the WSDL back in their web browser, but when they call it, it fails with a 302 error.
I’m far from an expert on security, but I believe our firewall is handling the security then forwarding over http to the UAT server. The redirect and variations seem as though there’s something to change in how DNS is managed or settings in IIS. Does anyone have suggestions as to how to narrow it down so that the call to the external service will work?
We too had a WCF service that in SoapUI was returning the WSDL HTML instead of the expected response when invoking a method. This was an SSL-enabled service, and the solution in our case was to edit the endpoint URL after creating the request so that it used https instead of http. This is because we found that for some reason it defaults to http even when you initially specify https when creating the request. Here's how to edit the endpoint URL in SoapUI:
In the request window, click the drop-down arrow on the URL.
Select [edit current..]
Change http to https, and then try your request again.
The problem with the client getting a 302 error was because the client was not sending a SOAP request envelope to our web service. The client was just sending XML.
I'm using a web api application that returns valid post-codes for given city. The application is hosted on WinServer 2008 R2, IIS 6.1.
Application works fine as long as there are no European-char (ä,ß,æ,ø,å) in the URL.
But with any special/European-char in URL I get the following error message:
Error Code: 500 Internal Server Error. The request was rejected by the HTTP filter. Contact the server administrator. (12217)
E.g. for working URL: edu.web/Api/PostCode/Heidenau
E.g. for non-working URL: edu.web/Api/PostCode/Heidehäuser
E.g. for non-working URL with URL encoding: edu.web/Api/PostCode/Heideh%C3%A4user
How to configure the IIS to accept european chars?
Thanks.
I've resolved the issue by involving our system administrator.
All Internet requests are passed through ISA server (Microsoft Forefront Threat Management Gateway) which by default filters all requests with special characters before they hit our Webservers.
After we changed the Configuration, everything started working as intended.