Continuous redirect on iOS

ja0291091 · November 23, 2018, 3:20pm

I have created a .net core application that uses auth0 authentication. When a user logs in on an ios device, their browser hangs in a continuous loop after they have entered their credentials. When they close the tab and open the website in a new tab, they are signed in.

konrad.sopala · November 27, 2018, 11:19pm

Hey there @ja0291091!

Sorry to hear that! It’s a really strange scenario to be honest. Can you tell me more about what version of the SDK you’re using, what the iOS system version on those iPhones?

It would be really great if you can also DM me with the HAR files so I can investigate it further. Here’s more on HAR files:

Thanks a lot for that!

ja0291091 · November 28, 2018, 1:08pm

I don’t think I can create HAR files on an iphone. The iphones are iOS 12, but I also heard that iOS 11 has the same problem.

I can however provide you with some server logs that show the continuous requests.

I’m not using an SDK specifically. Instead, I have followed the tutorials from Auth0 ASP.NET Core MVC SDK Quickstarts: Login (the app runs in a .net core 2.0 environment and another copy runs in .net core 2.1)

Edit:
my configuration is similar to this: Nginx Ssl and Auth0 goes into login loop

mbghone · December 3, 2018, 6:07am

I am having the same issue. Asp.net mvc site. iPhone, etc. Any resolution?

mbghone · December 3, 2018, 6:58am

It appears what was causing the loop in my situation was this: In my web.config, I did not have the “s” in “http” on my logout url. Making it “https” seems to have solves my problem. Hope this is useful. Apologize as this seems to be on me.

konrad.sopala · December 10, 2018, 4:03pm

Sorry @ja0291091 forgot that you mentioned iOS. I asked our developer support team but didn’t have an answer just yet. Can you try the solution that @mbghone suggested worked for him?

Thanks a lot !

ja0291091 · December 11, 2018, 11:26am

hi,

This problem has just been solved. The solution can be found here.

What solved it for me was the following change in startup.cs:

old code:

services.AddCookie()

new code:

services.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
{
    // Other options
    options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.None;
})

It has to do with a recent change in iOS 12 with regards to SameSite cookies, but the exact explanation can be found via the link above.

Thank you very much for your help and cooperation.

konrad.sopala · December 11, 2018, 12:19pm

Glad you make it! Thanks for sharing!

system · January 10, 2019, 12:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.