Authentication broken on ASP.Net Core and Safari on iOS 12 / Mojave (take 2)

nicolas_sabena · April 1, 2019, 7:08pm

UPDATE: While I haven’t tested it, Brock Allen provided a much cleaner solution here: Same-site cookies, ASP.NET Core, and external authentication providers | brockallen (specifically, the code under " The fix specifically for ASP.NET Core"). If using that code, remember to switch signin-oidc to signin-auth0 in the path check. I.e.:

public void Configure(IApplicationBuilder app)
{
   app.Use(async (ctx, next) =>
   {
      await next();

      if (ctx.Request.Path == "/signin-auth0" && 
          ctx.Response.StatusCode == 302)
      {
          var location = ctx.Response.Headers["location"];
          ctx.Response.StatusCode = 200;
          var html = $@"
             <html><head>
                <meta http-equiv='refresh' content='0;url={location}' />
             </head></html>";
          await ctx.Response.WriteAsync(html);
      }
   }
   
   [...]
}

Topic		Replies	Views
Authentication broken on ASP.Net Core and Safari on iOS 12 / Mojave Get Help	16	9590	September 4, 2019
Unable to login on iOS 13.4.1 Get Help	3	3676	June 12, 2020
IE11 Does not sign in Auth0 User Get Help aspnet-core , internet-explorer	1	3839	July 3, 2020
Critical login issue with ASP.NET MVC 5 Get Help aspnet-mvc , net	0	4027	May 14, 2021
Any workadounds for Safari ITP issue with transaction cookie when using express-openid-connect? Get Help oidc , protocols	5	108	November 26, 2024

Authentication broken on ASP.Net Core and Safari on iOS 12 / Mojave (take 2)

Related topics