I have a Blazor web app (interactive server) that connects to an external IdP. Most of the times it works fine. However, once in a while the app enters into an infinite redirect loop when the user logs in.
My app.razor looks like this:
<CascadingValue Value="@ShowBanner"><CascadingValue Value="@ConsentCookie"><CascadingValue Value="@Tenant" IsFixed="true"><Router AppAssembly="@typeof(Program).Assembly"><Found Context="routeData"><AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)"><NotAuthorized><RedirectToLogin /></NotAuthorized></AuthorizeRouteView></Found><NotFound><LayoutView Layout="@typeof(LoginLayout)"><Unauthorized Message="Not found" /></LayoutView></NotFound></Router></CascadingValue></CascadingValue></CascadingValue>RedirectToLogin: Simple razor component using NavigationManager to redirect to Account\Login which is a controller action.
OidcEvents.TokenValidated: Stores the token in distributed cache.
CookieEvents: Writes log entries in the events. No code in SigningIn or SignedIn
And these logs keep on repeating:
- [INF] [RequestLoggingMiddleware] HTTP GET responded 200 in 449,3090 ms
- [INF] [RequestLoggingMiddleware] HTTP GET /_framework/blazor.server.js responded 304 in 10,1446 ms
- [INF] [RequestLoggingMiddleware] HTTP GET /_blazor/initializers responded 200 in 9,0249 ms
- [INF] [RequestLoggingMiddleware] HTTP POST /_blazor/negotiate responded 200 in 10,8939 ms
- [DBG] [App.OnInitializedAsync] User authenticated: False
- [DBG] [RedirectToLogin.OnInitialized] Redirecting to login page, forcing load
- [DBG] [AccountController.Login] Challenge with redirect to: /Shop
- [INF] [RequestLoggingMiddleware] HTTP GET /Account/Login responded 302 in 105,2844 ms
- [DBG] [App.OnAfterRenderAsync] Check if tenant license is still valid
- [INF] [RequestLoggingMiddleware] HTTP GET /_blazor responded 101 in 557,2601 ms
- [DBG] [OidcEvents.TokenValidated] Token validated and stored for user: Ivan Debono
- [DBG] [CookieEvents.SigningIn] Signing in with cookie authentication.
- [DBG] [CookieEvents.SignedIn] Signed in to cookie authentication.
As no exceptions are being thrown I can't find the exact location in the flow where a problem might be.
Is there a way to pinpoint the problem and, hopefully, solve it?