ARTICLE AD BOX
I have recently added Component Space to my NetCore 9.0 based WebApplication, to facilitate SSO.
It worked fine for few days, then i faced an issue, where the 'configurationName' is becoming empty for few requests.
This is intermittent. Once the Application pool is restarted in IIS, then it started working fine again. The issue repeated after few days again.
Here is the code below:
The paramValue 'ConfigurationName' is coming as empty, so we are getting the manually thrown logged into our DB.
'Invalid configuration ''.'
This value is being set during SSO initiation.
Code for SSO initiation:
private ActionResult SsoRedirect(IClient client){ string redirectUrl; if(client.SsoProvider == SsoProvider.ComponentSpace) { _samlServiceProvider.SetConfigurationNameAsync(client.ID.ToString()).GetAwaiter().GetResult(); var relayState = System.Text.Json.JsonSerializer.Serialize(new SsoRelayState {ReturnUrl = authConfig.AssertionConsumerServiceUrl}); relayState = Convert.ToBase64String(Encoding.UTF8.GetBytes(relayState)); \_samlServiceProvider.InitiateSsoAsync(relayState: relayState).GetAwaiter().GetResult(); redirectUrl = string.Empty; return new EmptyResult(); } }Note:
Client.ID is always non-null value, while debugging i saw the value populating, it is a primary key in our DB.
This doesnt happen every time though. Once the Application pool is refreshed/restarted in IIS, the problem goes away.
Thought to register the ISamlService service provider under TransientScope, but the internal implementation of AddSaml() takes care of that already.
SSOConfigurationResolver - implementation of AbstractSamlConfigurationResolver is registered as AddScoped(), just before AddSaml()
I am suspecting _samlServiceProvider.SetConfigurationNameAsync(client.ID.ToString()).GetAwaiter().GetResult();
This should be used with await, instead of GetAwaiter()
We are unable to reproduce the issue on lower environments.
Please help, thankyou
