
Connecting to Auth0 using IdentityModel OpenID Connect


#1

Hi,

I am trying to evaluate Auth0. The following tutorial is straightforward:
https://manage.auth0.com/#/applications/DwsAzyp92BcwX219TL1G17KYKy6KOtUX/quickstart
https://github.com/auth0-community/auth0-WinFormsWPF-oidc-samples/tree/master/Quickstart/00-Starter-Seed
and it provides a connection, but using the Auth0.OidcClient library.

Reading about this library, I see that it uses the IdentityModel OpenID Connect Client Library, and “simply acts as a very thin wrapper around this library, ensuring that the correct configuration is passed to Auth0”.
So I have tried to get an example where I use the OidcClient2 library directly, taking the samples for WPF (the type of app I need), here.
However I can’t make this work completely. I have configured it to get the login window, and I see login successful in the logs, but in code I get the error “An item with the same key has already been added.” Trying to debug this, in the Auth0 library example I get a raw response in the form https://.eu.auth0.com/mobile?code=nyY2hw1mKSmQqQR6&state=078f2688c3fba543055ac3a3e0ddfa1a, but in the OIDC “standard” I get something like ?=email@grantadesign.com&=password&wa=wsignin1.0&wresult=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1c2VyX2lkIjoiNWIwZTcyMGY3Yjk0NDkzMWY0MDEyNGZmIiwiZW1haWwiOiJzZXJnaW8udHJpbGxvQGdyYW50YWRlc2lnbi5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwic2lkIjoic1ZtbWVaWmlhSjFTSGxUXzZ6a0IzR1hHZGhPbzQxT04iLCJpYXQiOjE1MjgxMDQ3NzgsImV4cCI6MTUyODEwNDgzOCwiYXVkIjoidXJuOmF1dGgwOnNlcmdpb3Rlc3Q6VXNlcm5hbWUtUGFzc3dvcmQtQXV0aGVudGljYXRpb24iLCJpc3MiOiJ1cm46YXV0aDAifQ.FrfTpjInwDbM92pDQGXzn1VTaqOxek_hI1oozUisAnNzZA8k1Hby29urk8CmwL1w5gww461KEpizWFBkuvYXBXui1rn8qmEmXlDce2_CYBYcCAS_bFqbjayBPLmXMaIw-QwSKfYBShmQpwS2Gv0k0h00qSjfe2iGjqgA586aTtM&wctx={“strategy”:“auth0”,“auth0Client”:“eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yLjMifQ==”,“tenant”:“sergiotest”,“connection”:“Username-Password-Authentication”,“client_id”:“tXtJcqPZCeOJDuarQPCNJxy00gGDTDTQ”,“response_type”:“code”,“scope”:“openid profile email”,“redirect_uri”:“https://sergiotest.eu.auth0.com/mobile",“state”:“Rg0ZYxBhVL-NCeLGyJ0mxmn-SyScTpkB”,“nonce”:“ca115f61fdd062f232c845574772dd67”,“sid”:“sVmmeZZiaJ1SHlT_6zkB3GXGdhOo41ON”,“realm”:“Username-Password-Authentication”,“session_user”:"5b15074a3856b417170a0d56”}

Does anyone know what options to pass to make Auth0 work with a standard OIDC library?

Thanks


#2

I have finally made it work. The main important points are:

  • The Browser from the OIDC standard library needs to be changed. I copied the PlatformWebView class from the Auth0 library.
  • Also, it is important to specify that RequireAccessTokenHash and RequireAuthorizationCodeHash are set to false, as it seems they are in the Auth0 library. These params sit in a Policy object.

The code that makes the sample work is:

        // Requires: using IdentityModel.OidcClient;

        // Do not require the at_hash / c_hash claims in the ID token
        Policy policy = new Policy()
        {
            RequireAccessTokenHash = false,
            RequireAuthorizationCodeHash = false
        };

        var options = new OidcClientOptions()
        {
            Authority = "https://sergiotest.eu.auth0.com",
            ClientId = "tXtJcqPZCeOJDuarQPCNJxy00gGDTDTQ",
            Scope = "offline_access openid profile email",  // offline_access yields a refresh_token
            RedirectUri = "https://sergiotest.eu.auth0.com/mobile",
            ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
            Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode,
            Browser = new PlatformWebView(),  // class copied from the Auth0 library
            Policy = policy
        };
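
As an added example (not part of the original posts, and not code from IdentityModel.OidcClient or Auth0.OidcClient): the two Policy flags above concern the `at_hash` and `c_hash` ID token claims defined by OpenID Connect Core, which bind an access token or authorization code to the ID token. The sketch shows how such a hash is computed for an RS256-signed ID token and what relaxing the requirement changes. `TokenHashCheck` and its methods are hypothetical names, and it is an assumption here that "not required" tolerates a missing claim while a claim that is present is still checked.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper for illustration only.
public static class TokenHashCheck
{
    // OpenID Connect Core: hash the ASCII token value with the hash function of the
    // ID token's signing algorithm (SHA-256 for RS256), keep the left-most half of
    // the digest, and base64url-encode it without padding.
    public static string ComputeHash(string tokenValue)
    {
        using (var sha = SHA256.Create())
        {
            byte[] digest = sha.ComputeHash(Encoding.ASCII.GetBytes(tokenValue));
            return Convert.ToBase64String(digest, 0, digest.Length / 2)
                .TrimEnd('=').Replace('+', '-').Replace('/', '_');
        }
    }

    // claimValue: the at_hash (or c_hash) claim from an already signature-validated
    //             ID token, or null when the claim is absent.
    // tokenValue: the access token (or authorization code) received alongside it.
    // required:   the strictness a flag such as RequireAccessTokenHash expresses.
    public static bool Validate(string claimValue, string tokenValue, bool required)
    {
        if (claimValue == null)
            return !required;   // a missing claim passes only when it is not required

        // A claim that is present must match, whatever the 'required' setting.
        return string.Equals(claimValue, ComputeHash(tokenValue), StringComparison.Ordinal);
    }

    public static void Main()
    {
        // Constructed sample value, not a real token.
        string accessToken = "constructed-access-token-value";
        string matchingClaim = ComputeHash(accessToken);

        // Matching claim, strict policy
        Console.WriteLine(Validate(matchingClaim, accessToken, required: true));
        // Claim absent, strict policy
        Console.WriteLine(Validate(null, accessToken, required: true));
        // Claim absent, relaxed policy (as in the options above)
        Console.WriteLine(Validate(null, accessToken, required: false));
        // Claim present but wrong, relaxed policy
        Console.WriteLine(Validate("AAAAAAAAAAAAAAAAAAAAAA", accessToken, required: false));
    }
}
```

With both flags set to false, an ID token that carries no `at_hash` or `c_hash` is accepted, so the token-to-ID-token binding is only enforced when the provider chooses to include those claims.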