Multiple implicit clients cannot be stored in cookie #2446
Comments
|
Do you have an example of the invalid value? |
|
For example, when using "client1" and "client2" the following exception occurs: ArgumentException: Invalid cookie value: %5B%22client1%22,%22client2%22%5D The appropriate JSON-String is: ["client1","client2"] |
|
ok, thanks. i'll look into it. |
|
thank you |
|
Also, do you have a call stack for the error? |
|
I'm not able to repro this. When the JSON is sent into the API to set the cookie, it seems it's being properly encoded internally in the Katana layer. I used the same "client1" & "client2" values you are using as well. |
|
I just used the Mvc sample of IdentityServer4 and added another MVC Client. Here´s the callstack: ArgumentException: Invalid cookie value: %5B%22mvc_implicit%22,%22mvc_implicit2%22%5D |
|
I see a comma in there -- somehow that's getting in there and affecting it I think. That's not a properly url encoded value, so I'm stumped how that's getting in there. This happens consistently for you? I'd hope this is not somehow related to locale. Again, I'm stumped. |
|
Yes it happens consistently with IdentityServer3 (v2.3) and IdentityServer4. I also created a standard ASP.NET MVC5 project and added a cookie the same way by serializing it with JsonConvert.SerializeObject in the Index action of the HomeController. The same exception occurs. The stack trace is from from your IdentityServer4 sample: I just added another MvcClient using another implicit client. So the configuration of the IdentityServer was not adjusted. That´s strange... |
|
Here´s my test project where I´m trying to set a cookie in the Index action of the home controller. If this is working on your machine then it must be a local problem. https://github.com/donruperto/CookieTest.git |
This tells me you should be opening an issue with Microsoft, as it's something from Katana. |
|
Thanks a lot. After a search in the Microsoft Git repository I found an open issue relating to the problem: Sorry this should have been my first investigation target. |
|
Ok, I'll close this given that it seems to be a |
|
Also, this is happening for you in Katana, yes? You should update that thread and let them know. |
|
@donruperto Can you confirm if this was happening to you in IdSvr3 or IdSvr4? |
|
This was happening in IdSvr4 (ASP.NET 5 Webproject). It´s working correctly with IdSvr3 (ASP.NET 4 Webproject) |
|
Ah ok, so my confusion was that this issue was opened here (and not in the IdSvr4 repo). Thx for the update. |
|
Ah sorry, that was my fault. |
Hi,
I´m using two implicit clients and an exception occurs when IdentityServer tries to save them in the cookie idsvr.clients
The problem is in the method ClientListCookie.SetClients - The value created by JsonConvert.SerializeObject is not valid for a cookie.
Rupert
The text was updated successfully, but these errors were encountered: