Auth0 Home Blog Docs

What is signin-auth?

aspnet-core
authorization-code-f
aspnet-mvc

#1

I am developing an ASP .Net Core MVC web app which calls a web API using the “Authorization Code Grant Flow”. I see in a lot of examples, the redirect_uri is “http://localhost:60856/signin-auth” - what is signin-auth? Is it a controller I need to implement in my web app?
Also, if anyone has any ASP .Net Core MVC samples using the “Authorization Code Grant Flow” I would greatly appreciate it.
Thanks


#2

If you are using the .NET SDK, it will automatically generate the signin-auth middleware to process the response from Auth0 when it arrives - you do not need to implement this yourself. We don’t currently have a specific .NET Core sample using the Authorization Code flow.


#3

To complement @prashant’s answer, the /signin-auth is the URL that will be called once your users have successfully authenticated through Auth0. And as he said, it’s part of the OAuth0 middleware setup. You can find more info here: https://github.com/auth0-samples/auth0-aspnetcore-mvc-samples/tree/master/Samples/oauth2#4-configure-the-cookie-and-oauth-middleware


#4

Thanks guys. Yes, for some reason, I don’t think I have the signin-auth middleware.

This is my Startup.cs file:

https://gist.github.com/MrPrashantT/b2983aea2e5f46b9200392efa7ea7582


#5

Well, I don’t actually know if that is the problem… When I click the login link on my web app, it correclty opens up the Auth0 login form, but after logging in, I get the following error:

https://gist.github.com/MrPrashantT/b85c33cb473ff12ebe4f2006c3f8a15d


#6

Thanks guys. Yes, for some reason, I don’t think I have the signin-auth middleware.

This is my Startup.cs file:

https://gist.github.com/MrPrashantT/b2983aea2e5f46b9200392efa7ea7582


#7

Well, I don’t actually know if that is the problem… When I click the login link on my web app, it correclty opens up the Auth0 login form, but after logging in, I get the following error:

https://gist.github.com/MrPrashantT/b85c33cb473ff12ebe4f2006c3f8a15d


#8

Thanks for the reply Prashant. If I look at the Auth0 settings as you suggested, it is set to HS256. In my code, I don’t see anywhere where I am specifying which algorithm to use… I have a controller (AccountController) which fires up when the user selects “login”. This is the action that executes:

public class AccountController : Controller
{    
    public IActionResult Login(string returnUrl = "/")
    {
        return new ChallengeResult("Auth0", new AuthenticationProperties() { RedirectUri = returnUrl });
    }
}

I’m quite new to all this so not sure if somewhere there I should perhaps be specifying the algorithm? Unfortunately I haven’t found a single example of the Authorization Code Grant Flow using ASP .Net Core :frowning:


#9

You were right Prashant - after switching to RS256 in the Auth0 settings page, my web app now works. So for some reason, my web app is using the RS256 algorithm…


#10

You were right Prashant - after switching to RS256 in the Auth0 settings page, my web app now works. So for some reason, my web app is using the RS256 algorithm…


#11

@support That error seems to indicate that your middleware is not configured for the correct signing algorithm. Can you please check what signing algorithm your tokens are signed using, and ensure it matches your configuration in your application.

Dashboard > Clients > Your client > Advanced Settings > OAuth > JsonWebToken Signature Algorithm.

Note: For long code snippets, please use something like https://gist.github.com/, and share the link in your comment.


#12