
"An error with Nouce cookie occured" in Sitecore Single Sign-On


I have implemented Sitecore Single Sign-On using a Custom Identity Provider in my project. It worked fine on-premises, but when I deployed it on AWS the SSO functionality did not work in Chrome and I got the error below:

Error:



Solution:

After some research, I found that I needed to set the `CookieManager` property on the `oidcOptions` object, as shown in the code below:

```csharp
// Excerpt from the custom identity provider processor class. Fields such as
// clientId, clientSecret, redirectUri, postLogoutRedirectUri, authority and
// errorCode are referenced here but declared elsewhere in the class.
public ProjectIdentityProvider(
    FederatedAuthenticationConfiguration federatedAuthenticationConfiguration,
    ICookieManager cookieManager,
    BaseSettings settings) : base(federatedAuthenticationConfiguration, cookieManager, settings)
{
    // Keep the cookie manager injected by Sitecore so it can be passed to the OIDC middleware.
    this.cookieManager = cookieManager ?? throw new ArgumentNullException(nameof(cookieManager));
}

protected override void ProcessCore(IdentityProvidersArgs args)
{
    var authenticationType = this.GetAuthenticationType();
    var identityProvider = this.GetIdentityProvider();
    var saveSigninToken = identityProvider.TriggerExternalSignOut;
    var oidcOptions = this.SetupOidcOptions(authenticationType, saveSigninToken);
    args.App.UseOpenIdConnectAuthentication(oidcOptions);
}

public OpenIdConnectAuthenticationOptions SetupOidcOptions(
    string authenticationType,
    bool saveSigninToken)
{
    CancellationToken cancel = new CancellationToken(false);

    // Load the provider metadata from its discovery document.
    IConfigurationManager<OpenIdConnectConfiguration> configurationManager =
        new ConfigurationManager<OpenIdConnectConfiguration>(
            "https://ids-dev.sharepointguild.com/.well-known/openid-configuration",
            new OpenIdConnectConfigurationRetriever());

    var oidcOptions = new OpenIdConnectAuthenticationOptions
    {
        Configuration = configurationManager.GetConfigurationAsync(cancel).Result,
        AuthenticationType = authenticationType,
        ClientId = clientId,
        ClientSecret = clientSecret,
        ResponseType = OpenIdConnectResponseType.IdTokenToken,
        RedirectUri = redirectUri,
        PostLogoutRedirectUri = postLogoutRedirectUri,
        Scope = OpenIdConnectScope.OpenIdProfile + " " + OpenIdConnectScope.OfflineAccess,
        SaveTokens = true,
        Notifications = new OpenIdConnectAuthenticationNotifications
        {
            RedirectToIdentityProvider = this.RedirectToIdentityProviderAsync,
            SecurityTokenValidated = this.SecurityTokenValidatedAsync,
            AuthenticationFailed = (context) =>
            {
                // On the known error code, swallow the failure and restart the sign-in challenge.
                if (context.Exception.Message.Contains(errorCode))
                {
                    context.HandleResponse();
                    context.OwinContext.Authentication.Challenge();
                }

                Sitecore.Diagnostics.Log.Error("AuthenticationFailed: " + context.Exception.Message, this);
                return Task.FromResult(true);
            }
        },
        TokenValidationParameters =
        {
            SaveSigninToken = saveSigninToken,
            // Issuer validation is switched off here, so the token's "iss" claim is not checked.
            ValidateIssuer = false
        },
        // The fix: pass the ICookieManager supplied by Sitecore to the OIDC middleware.
        CookieManager = cookieManager
    };

    oidcOptions.Configuration.AuthorizationEndpoint = authority;
    return oidcOptions;
}
```

 

I hope this solution is helpful for you as well  :) 

