Skip to content

SignIn Callback may drive to 404 #552

New issue
New issue
Open
Open
SignIn Callback may drive to 404#552
@Han-O-Neam

Description

@Han-O-Neam
Han-O-Neam
opened on Jun 20, 2025

Hi.
We have configured an open id auth options in this way :

  • OpenIdConnectAuthenticationOptions.Callback : "/signin-my-connector"
  • in OpenIdConnectAuthenticationOptions OpenIdConnectAuthenticationNotifications, in RedirectToIdentityProvider :
  case OpenIdConnectRequestType.Authentication:
      context.ProtocolMessage.RedirectUri = $"{context.Request.Scheme}://{context.Request.Host}{context.Request.PathBase}{context.Options.CallbackPath}"

While debuging (on http://localhost:port/), everythings were going right.
But after having deployed in a platform, the app was published under a site name : http://domain/MyApp.
On that environnement, i got a 404 : The controller for path '/MyApp/signin-my-connector' was not found or does not implement IController.
I reproduced localy when i set my web site (VS2022) to be used throught http://localhost:port/MyApp/ instead of http://localhost:port/.

As a 'workaround', I had to change my settings :

  • OpenIdConnectAuthenticationOptions.Callback : i have to combine(1) System.Web.HttpContext.Current.Request.ApplicationPath with "/signin-my-connector"
  • in OpenIdConnectAuthenticationOptions OpenIdConnectAuthenticationNotifications, in RedirectToIdentityProvider :
  case OpenIdConnectRequestType.Authentication:
      //{context.Request.PathBase} removed, included in context.Options.CallbackPath
      context.ProtocolMessage.RedirectUri = $"{context.Request.Scheme}://{context.Request.Host}{context.Options.CallbackPath}"

(1) : i did a small split/join about '/' to manage the various cases singles/multiples '/' and to avoid any '//'

And then everything was working properly, no more errors.

I'm speaking about a workaround because i'm considering that the callback would have to be relative to the app's root, and the option to be the same even i'm deploying to host:port, host:port/AppName, host/AppName or anything else i havn't think about.

Maybe i'm wrong and it is the expected bahavior and i have to change my mind.
Am I ?

I tried to figure out where it is managed in the katana's source code in order to suggest a fix through a pull request but didn't get it :(
Neverthleless, here i provide a solution/workaround if it is never fixed...

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions