Identityserver4: HomeController.Login does NOT handle 'cancel'

In what way?

What should be done in mvc client to handle access denied when user cancels
login?

On Fri, Aug 17, 2018 at 5:11 PM Brock Allen notifications@github.com
wrote:

In what way?

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
https://github.com/IdentityServer/IdentityServer4/issues/2556#issuecomment-414000767,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AFasaWKZyJOo-0tL88Rpokp3weslfYP6ks5uRz-fgaJpZM4WCOpM
.

That's up to the client application (and the tech stack you use to help with the protocol). In ASP.NET Core MVC, you'd handle the error event and check for access_denied as the error code.

I'm using the MVC app (implicit) that is provided in the samples. Would
like to redirect to an 'Access Denied' page or something of the like if
they hit cancel. It currently returns to http://localhost:5002/signin-oidc
with the following error:

OpenIdConnectProtocolException: Message contains error: 'access_denied',
error_description: 'error_description is null', error_uri: 'error_uri is
null'.

Is there a way to define an AccessDeniedPath in the client that Identity
Server could check?

Thanks!

On Fri, Aug 17, 2018 at 7:42 PM Brock Allen notifications@github.com
wrote:

That's up to the client application (and the tech stack you use to help
with the protocol). In ASP.NET Core MVC, you'd handle the error event.

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
https://github.com/IdentityServer/IdentityServer4/issues/2556#issuecomment-414019506,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AFasaQ8iFLCC1Hs8lYhc4nBKKB4oh6m8ks5uR2MHgaJpZM4WCOpM
.

It currently returns to http://localhost:5002/signin-oidc with the following error:
OpenIdConnectProtocolException: Message contains error: 'access_denied', error_description: 'error_description is null', error_uri: 'error_uri is null'.

This is by design and up to the client to handle. Now if you're asking for the samples to be clarified, then we will gladly accept a PR for that. You'd handle it by handling the error event on OIDC options in the client.

Closing. If you wish to beef up the same clients, please send a PR. Thanks.

You can try something like this...

.AddOpenIdConnect("oidc", options =>
{
    // other options here...

    options.Events = new OpenIdConnectEvents
    {
        OnRemoteFailure = (context) =>
        {
            context.Response.Redirect("/");
            context.HandleResponse();

            return Task.CompletedTask;
        }
    };
});

You can try something like this...

.AddOpenIdConnect("oidc", options =>
{
    // other options here...

    options.Events = new OpenIdConnectEvents
    {
        OnRemoteFailure = (context) =>
        {
            context.Response.Redirect("/");
            context.HandleResponse();

            return Task.CompletedTask;
        }
    };
});

hi,when I use OnRemoteFailure Event,i did solve this bug on response page.but,It still appearing in the console。Is there any way to cancel the error in the console? thank you。感谢能指导下

I am facing a this situation too. I will be reading this thread carefully to see what I can make of the designed behaviour, However I have already established that if I remove the complex cancel logic in the Identity Server example and replace it with a simple redirect to the home page (or an access denied page) of the calling client then this will work for an MVC only stack. But I want to share my Identity Server with windows forms clients too so hence I need to make the expected behaviour do its thing.

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.