Quite new to Auth0. I have an MVC Razor web app using Auth0 authentication (Auth0.AspNetCore.Authentication 1.3.1). In debug on localhost my login function works flawlessly, but when I deploy the app to my asp.net hosting provider the login fails with a server 500 on /Account/Callback.
I have double- and triple-checked the Allowed Callback URLs, taking the path that worked on localhost and substituting the live published domain path.
My Account controller is as follows:
// Controllers/AccountController.cs
using Microsoft.AspNetCore.Authentication;
using Auth0.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using System.Security.Claims;
using AchtungCampersFeaturesList.Models;
using System.Diagnostics;
/// <summary>
/// Process-wide holder for a single <see cref="AuthorisedUser"/> instance.
/// </summary>
/// <remarks>
/// A static field has exactly one value per process, so in a web application every request,
/// from every signed-in user, reads and can overwrite the same object.
/// NOTE(review): how this field is populated is not shown here. If it carries per-user identity
/// or permission data, derive that from HttpContext.User on each request instead, so that one
/// user's state can never be served to another.
/// </remarks>
public static class ActiveUser
{
    public static AuthorisedUser user = new();
}
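/// <summary>
/// Account actions for an Auth0-backed MVC application: login challenge, post-login redirect,
/// logout, and the profile / claims / not-authorised views.
/// </summary>
/// <remarks>
/// Several actions carry <c>[Authorize]</c> only inside <c>#if !DEBUG</c>. The attribute is
/// compiled out of DEBUG builds, so a Debug build that reaches a server exposes those actions
/// without authentication, and local testing never exercises the authorisation path that
/// production uses. Prefer an unconditional attribute unless anonymous debug access is required.
/// </remarks>
public class AccountController : Controller
{
    /// <summary>
    /// Starts the Auth0 login flow by issuing an authentication challenge.
    /// </summary>
    /// <param name="returnUrl">
    /// Application-relative URL to return to after login. It arrives from the request, so it is
    /// treated as untrusted; anything that is not a local URL is replaced with "/".
    /// </param>
    public async Task Login(string returnUrl = "/")
    {
        // Without this check a crafted login link could send the user to an arbitrary external
        // site once authentication completes (open redirect).
        var safeReturnUrl = Url.IsLocalUrl(returnUrl) ? returnUrl : "/";

        var authenticationProperties = new LoginAuthenticationPropertiesBuilder()
            .WithRedirectUri(safeReturnUrl)
            .Build();

        await HttpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
    }

    /// <summary>
    /// Redirects to the <see cref="Profile"/> action.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the OpenID Connect handler normally processes its configured callback path
    /// itself, before MVC routing runs. Whether this action is ever reached depends on the
    /// CallbackPath set at startup, which is not shown here; confirm the two do not collide.
    /// </remarks>
    public Task<IActionResult> Callback()
    {
        // The original read the user id and name into locals that were never used. Dereferencing
        // User.Identity without a null check could only add a failure mode, so both are removed.
        return Task.FromResult<IActionResult>(RedirectToAction("Profile"));
    }

    /// <summary>
    /// Signs the user out of Auth0 and then clears the local authentication cookie.
    /// </summary>
#if !DEBUG
    [Authorize]
#endif
    public async Task Logout()
    {
        var authenticationProperties = new LogoutAuthenticationPropertiesBuilder()
            .WithRedirectUri(Url.Action("Index", "Home"))
            .Build();

        await HttpContext.SignOutAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
    }

    /// <summary>
    /// Renders the profile view from the current principal's name, e-mail and picture claims.
    /// </summary>
#if !DEBUG
    [Authorize]
#endif
    public IActionResult Profile()
    {
        return View(new UserProfileViewModel()
        {
            // Identity can be null on an unauthenticated principal, which is reachable here in
            // DEBUG builds because [Authorize] is compiled out.
            Name = User.Identity?.Name,
            EmailAddress = User.FindFirst(c => c.Type == ClaimTypes.Email)?.Value,
            ProfileImage = User.FindFirst(c => c.Type == "picture")?.Value
        });
    }

    /// <summary>
    /// Renders the claims view.
    /// </summary>
#if !DEBUG
    [Authorize]
#endif
    public IActionResult Claims()
    {
        return View();
    }

    /// <summary>
    /// Renders the "not authorised" view at the fixed route /Account/NotAuthorised.
    /// </summary>
    [Route("/Account/NotAuthorised")]
    public IActionResult NotAuthorised()
    {
        return View();
    }
}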