Identityserver4: Q : Unable to obtain configuration from: 'http://localhost/.well-known/openid-configuration'
Im trying to add a IdentityServer into my API and tryed to write one test for it.
I get successfull an accesstoken but when I try to make an request again I get the message :
Unable to obtain configuration from: 'http://localhost/.well-known/openid-configuration'
my request looks like this ->
protected TestServer Server { get; private set; }
protected HttpClient Client { get; private set; }
public IntegrationBaseTest()
{
Server = new TestServer(new WebHostBuilder().UseStartup<StartupTest>());
Client = Server.CreateClient();
}
....
....
...
protected async Task testauth()
{
var requestData2 = new[]
{
new KeyValuePair<string, string>("grant_type", "client_credentials"),
new KeyValuePair<string, string>("scope", "api1"),
new KeyValuePair<string, string>("client_id", "client"),
new KeyValuePair<string, string>("client_secret", "secret"),
new KeyValuePair<string, string>("redirect_uri", "http://localhost"),
};
var requestContent2 = new FormUrlEncodedContent(requestData2);
var accesToken = await Client.PostAsync(new Uri("http://localhost/connect/token"), requestContent2);
var request = new HttpRequestMessage(HttpMethode.GET, new Uri(Server.BaseAddress.AbsoluteUri + "/" + requestUri));
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accesToken);
var responses = await Client.SendAsync(new HttpRequestMessage(HttpMethod.Get, new Uri("http://localhost/.well-known/openid-configuration")));
var responseRs = await responses.Content.ReadAsStringAsync();
// responseRs works and i get a string
//fail here
var response = await Client.SendAsync(request);
}
My Startup has this
app.UseCors(_ => _.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());
app.UseDefaultFiles();
app.UseStaticFiles();
app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
Authority = "http://localhost",
RequireHttpsMetadata = false,
ApiName = "api1"
});
app.UseIdentityServer();
app.UseMvc();
`
neridonk
All 12 comments
The API needs access to the discovery document to load configuration.
IIRC you can set up a backchannel handler in the token validation MW to mock the network.
leastprivilege
on 15 Jan 2017
Alright added backchannelhandler to my Startup and chanched some things:
// I created a AccesTokenObject which has the access_token string
Client.SetBearerToken(accesTokenObject.access_token);
//test call
var responses = await Client.GetAsync(new Uri("http://localhost/connect/userinfo"));
var responseRs = await responses.Content.ReadAsStringAsync();
fails with
{System.InvalidOperationException: IDX10803: Unable to obtain configuration from: 'http://localhost/.well-known/openid-configuration'. ---> Newtonsoft.Json.JsonReaderException: Unexpected character encountered while parsing value: W. Path '', line 0, position 0.
Do I have to set something in my Client Headers ?
neridonk
on 17 Jan 2017
Well - you have to debug your way through that yourself. The next thing I would check is what is actually returned from the endpoint via the handler.
leastprivilege
on 18 Jan 2017
okey it seems to be a strange problem with the Integrationtesting , I hope to see a full tutorial soon 馃 .
If someone has the same problems like me I recommend you to use the http://stackoverflow.com/questions/40112643/integration-testing-with-identityserverauthentication-identityserver4
neridonk
on 18 Jan 2017
@neridonk have you solved your issue? Iam facing the exact same problem.
Moritzschmidt
on 27 Apr 2017
Hi, I had this issue for over a week and this is how I resolved it:
The problem I had was the fact that I was using the "IIS Express Development Certificate" and for some odd reason it wasn't a trusted certificate on my dev machine hence it was only broken on this particular environment. To fix it, export the IIS Express Development Certificate and import it back in to the "Trusted Root Certification Authorities"->"Certificate".
Farshidgolkarihagh
on 15 Aug 2017
I had similar issue with docker swarm and traefik.
So, when you use develop (staging) certificate from letsencrypt, you can not get userInfo from backend, because you need valid production certificate for that.
May be helpful to someone :)
z-tc
on 30 May 2018
I've been wrestling with a similar issue trying to perform integration tests on an API that also hosts identity server. I seem to have run into a chicken and egg situation.
Using WebApplicationFactory to build and host the server, you call its .CreateClient() method to get an HttpClient that is plumbed into the host; however, there is no way to pass that created client into the Startup.ConfigureServices because it must be called/setup as part of building the client.
I have a simple test that demonstrates this quite nicely:
public class EntityControllerShould : IClassFixture<WebApplicationFactory<Startup>>
{
private readonly WebApplicationFactory<Startup> _factory;
public EntityControllerShould(WebApplicationFactory<Startup> factory)
{
_factory = factory;
}
[Fact]
public async Task ReturnListOfEntities_ForGet()
{
// arrange
_factory.CreateClient();
var handler = _factory.Server.CreateHandler();
var client = new HttpClient(handler) { BaseAddress = new System.Uri("http://localhost/") };
// discover endpoints from metadata
var dc = new DiscoveryClient(client.BaseAddress.ToString(), handler);
var disco = await dc.GetAsync();
if (disco.IsError)
{
Assert.True(false);
}
// request token
var tokenClient = new TokenClient(disco.TokenEndpoint, "api_client", "secret", handler);
var tokenResponse = await tokenClient.RequestClientCredentialsAsync("api1");
if (tokenResponse.IsError)
{
Assert.True(false);
}
client.SetBearerToken(tokenResponse.AccessToken);
// act
var response = await client.GetAsync("api/entity/?id=123");
// response code is 500 with the below quoted error in the header
response.EnsureSuccessStatusCode();
var responseString = await response.Content.ReadAsStringAsync();
// assert
Assert.NotNull(responseString);
}
}
Results in (similar to above, but not exactly the same:
InvalidOperationException: IDX20803: Unable to obtain configuration from: 'http://localhost/.well-known/openid-configuration'
Is there another way to provide that handler to IdentityServer4?
fuzzzerd
on 23 Oct 2018
I've regenerated my localhost certificates and installed them and still get the same problem.... I suspect its got to do with the SSL connection but have not found a solution yet.
InvalidOperationException: IDX20803: Unable to obtain configuration from: 'http://localhost:6060/.well-known/openid-configuration'.
Microsoft.IdentityModel.Protocols.ConfigurationManager
Not sure why this ticket is closed --seems many still have this issue
ivansager
on 7 Nov 2018
Not sure why this ticket is closed
It's closed because TLS is not something IdentityServer does.
brockallen
on 7 Nov 2018
Okay, thanks @brockallen for the info.
So I think what you are perhaps eluding to is that in my case "InvalidOperationException: IDX20803: Unable to obtain configuration from: 'http://localhost:6060/.well-known/openid-configuration'."
My MVC application is trying to talk to the Id/ server and trying to establish a connection with TLS .
ivansager
on 7 Nov 2018
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
![lock[bot] picture](https://avatars1.githubusercontent.com/in/6672?v=4&s=40)
lock[bot]
on 12 Jan 2020
Related issues
krgm03
路
3Comments
cixonline
路
3Comments
nukec
路
3Comments
klioqc
路
3Comments
mackie1001
路
3Comments
Most helpful comment
I've regenerated my localhost certificates and installed them and still get the same problem.... I suspect its got to do with the SSL connection but have not found a solution yet.
InvalidOperationException: IDX20803: Unable to obtain configuration from: 'http://localhost:6060/.well-known/openid-configuration'..GetConfigurationAsync(CancellationToken cancel)
Microsoft.IdentityModel.Protocols.ConfigurationManager
Not sure why this ticket is closed --seems many still have this issue