I'm using the ITfoxtec.Identity.Saml2 library to implement an SSO solution for our service.
However, I've run into a problem; when calling EntityDescriptor.ReadIdPSsoDescriptorFromUrlAsync(httpClient, url)
to fetch the IdP's metadata, the code just seems to hang.
So I removed the NuGet packages and instead got the library source and included those projects in my solution so I could track down the problem, and I found the code seems to hang on line 258 of EntityDescriptor.cs in the Saml2 library (the first line of the ReadIdPSsoDescriptorFromUrlAsync
method):
using (var response = cancellationToken.HasValue ? await httpClient.GetAsync(idPMetadataUrl, cancellationToken.Value) : await httpClient.GetAsync(idPMetadataUrl))
I can successfully fetch the metadata with a call like this:
var metadata = httpClient.GetAsync(metadataUrl).Result;
so I know the actual http call should be good; it's just that the GetAsync method in EntityDescriptor.cs
never seems to return.
I did some googling and played around with the code, and eventually found that by changing await httpClient.GetAsync(idPMetadataUrl)
to await httpClient.GetAsync(idPMetadataUrl).ConfigureAwait(false)
the code stopped hanging (which I think indicates there was some deadlock somewhere??), but I can't understand why that might happen - my code isn't doing anything else with tasks and fetching this metadata is pretty much the first thing it does in an HTTP GET handler.
Although I have a "fix" that makes the code work for me, I don't believe it's something I should have to do, so there's probably something else going on that I don't understand (and I'd rather just pull in the NuGet packages than use a modified version of the source). Any thoughts on what's going on?
(I'm using .NET Framework 4.8, if it makes a difference.)
EDIT:
The best work-around seems to be to use the deprecated ReadIdPSsoDescriptorFromUrl
method, but I still don't understand why I need to.
I never found a fix for the hanging, but by using the deprecated ReadIdPSsoDescriptorFromUrl
method instead, my code works without issue.
Whilst it may not be the "correct" answer, at least it works.
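
Added example, not part of the original post and not code from the ITfoxtec library: a minimal console reproduction of the kind of hang that ConfigureAwait(false) removes. It assumes the caller blocks on the returned task (.Result or .Wait()) while a synchronization context that resumes continuations only on the blocked thread is installed; the post does not show its calling code, so whether that applies there is an assumption. OneThreadContext and FetchAsync are hypothetical stand-ins.

```csharp
using System;
using System.Threading;
using System.Threading.Tasks;

// Constructed stand-in for a context whose only thread is the caller's.
// Post only counts the continuation and never runs it, modelling a context
// whose owning thread is blocked in Wait() and so cannot pick the work up.
sealed class OneThreadContext : SynchronizationContext
{
    public int Queued;
    public override void Post(SendOrPostCallback d, object state)
    {
        Interlocked.Increment(ref Queued); // continuation is parked here
    }
}

static class Demo
{
    // Hypothetical stand-in for a library method that awaits an HTTP call.
    static async Task<string> FetchAsync(bool captureContext)
    {
        // true  = same as a plain await (resume on the captured context)
        // false = resume on a thread-pool thread instead
        await Task.Delay(100).ConfigureAwait(captureContext);
        return "<EntityDescriptor/>";
    }

    // Blocks on the task as .Result would; the timeout lets the demo finish.
    static bool BlockingCallCompletes(bool captureContext)
    {
        var previous = SynchronizationContext.Current;
        SynchronizationContext.SetSynchronizationContext(new OneThreadContext());
        try
        {
            return FetchAsync(captureContext).Wait(TimeSpan.FromSeconds(2));
        }
        finally
        {
            SynchronizationContext.SetSynchronizationContext(previous);
        }
    }

    static void Main()
    {
        Console.WriteLine("plain await:           completed = " + BlockingCallCompletes(true));
        Console.WriteLine("ConfigureAwait(false): completed = " + BlockingCallCompletes(false));
    }
}
```

Awaiting the call from an async handler, with no blocking wait anywhere up the call chain, avoids the situation without modifying the library source.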