CORS issue in IdentityServer 4
I'm using IdentityServer 4 as oauth for my application ( Reactjs ) I'm running Identityserver on port http://localhost:5000 and reactjs app on http://localhost:3000. I have tried using CORS for my idenityserver4 with the following code.
public void ConfigureServices(IServiceCollection services)
{
services.AddIdentityServer(options =>
{
options.Events.RaiseSuccessEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseErrorEvents = true;
})
.AddClientStore<ClientStore>()
//.AddInMemoryApiResources(Config.GetApiResources())
.AddResourceStore<ResourceStore>()
//.AddInMemoryClients(Config.GetClients())
.AddCustomUserStore()
.AddCertificateFromFile();
services.AddCors(options =>
{
options.AddPolicy("CorsPolicy",
builder => builder.WithOrigins( "http://localhost:3000/")
.AllowAnyMethod()
.AllowAnyHeader());
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
{
app.UseForwardedHeaders();
if (environment.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseCors("CorsPolicy");
//app.UseCors("default");
app.UseIdentityServer();
app.UseStaticFiles();
// uncomment, if you want to add an MVC-based UI
app.UseMvcWithDefaultRoute();
}
}
Even though I have added localhost:3000 in WithOrigins(), when I try to make a request from react app with axios I'm getting the following blocked error.
Can someone help me to know where I'm doing wrong. I need my application to only allow some list of origins (apps) Thanks
It's likely this could be because of the trailing slash, this is mentioned in the documentation.
Note: The specified URL must not contain a trailing slash (/). If the URL terminates with /, the comparison returns false and no header is returned.
Try http://localhost:3000 instead of http://localhost:3000/.
I'd also question the usage of both .AllowAnyOrigin() and .WithOrigins(). What you're looking to achieve should be possible using only .WithOrigins().
- Using domain driven design entities in an ASP.Net application
- Minimal API or AccountController for Login with ASP.NET Core Identity?
- NuGet Package Including DACPAC SQLProj
- How to compare different types of objects
- Variable not returning actual values
- SMTP server can't send emails from hosting c# asp.net
- How to compile 64bit asp.net web site with visual studio?
- Get url without querystring
- Fancybox not showing streamed image correctly
- Continously Publish Matlab Text Output to a Website
- How to pass js function argument to inline c# in cshtml?
- Is there a way to get different values from a single radiobuttonlist field used in ASP:Gridview
- Can aspx grid binding be done after response.redirect?
- Why do I get a "Field is Required" error from my API even tough the query parameter is optional?
- Failed to convert parameter value from a String to a Byte[]
- GetAwait().GetResult causes potential threading problems
- Testing website overload
- How to set horizontal to list vertical li ul
- InvalidOperationException: Cannot find compilation library location for package 'System.Security.Cryptography.Pkcs'
- How to validate uploaded files in ASP.Net MVC
- Create a unit test to verify data from a SQL view in a .NET EF Core project
- Find sub string between two capital words in a text
- WsFederation using a local URL instead of login.microsoftonline.com
- How to highlight today's date in telerik datepicker
- Does PutACLAsync make a copy of an object?
- ASP.Net portable server
- Pass the selected value of a dropdown in to a URL.Action so that a modal form is displayed on a button click
- Clearing a selected DropDown item without bind-Value
- How can I troubleshoot a "401 unauthorized" error when generating a JWT token in ASP.NET?
- C# Binding Data to Text Box