Comments (4)
Tratcher
commented on July 30, 2024
Repro stack:
Not Flagged > 22164 5 Worker Thread Worker Thread Microsoft.Owin.Security.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.OnSendingHeaderCallback Normal
mscorlib.dll!System.Threading.Monitor.Wait(object obj, int millisecondsTimeout, bool exitContext)
mscorlib.dll!System.Threading.Monitor.Wait(object obj, int millisecondsTimeout)
mscorlib.dll!System.Threading.ManualResetEventSlim.Wait(int millisecondsTimeout, System.Threading.CancellationToken cancellationToken)
mscorlib.dll!System.Threading.Tasks.Task.SpinThenBlockingWait(int millisecondsTimeout, System.Threading.CancellationToken cancellationToken)
mscorlib.dll!System.Threading.Tasks.Task.InternalWait(int millisecondsTimeout, System.Threading.CancellationToken cancellationToken)
mscorlib.dll!System.Threading.Tasks.Task.Wait(int millisecondsTimeout, System.Threading.CancellationToken cancellationToken)
Microsoft.Owin.Security.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.OnSendingHeaderCallback(object state)
Microsoft.Owin.Host.SystemWeb.dll!Microsoft.Owin.Host.SystemWeb.CallHeaders.SendingHeadersEvent.Fire()
Microsoft.Owin.Host.SystemWeb.dll!Microsoft.Owin.Host.SystemWeb.OwinCallContext.StartOnce()
mscorlib.dll!System.Threading.LazyInitializer.EnsureInitializedCore<System.__Canon>(ref System.__Canon target, ref bool initialized, ref object syncLock, System.Func<System.__Canon> valueFactory)
Microsoft.Owin.Host.SystemWeb.dll!Microsoft.Owin.Host.SystemWeb.OwinCallContext.OnStart()
Microsoft.Owin.Host.SystemWeb.dll!Microsoft.Owin.Host.SystemWeb.CallStreams.OutputStream.Start(bool force)
Microsoft.Owin.Host.SystemWeb.dll!Microsoft.Owin.Host.SystemWeb.CallStreams.OutputStream.WriteAsync(byte[] buffer, int offset, int count, System.Threading.CancellationToken cancellationToken)
mscorlib.dll!System.IO.MemoryStream.CopyToAsync(System.IO.Stream destination, int bufferSize, System.Threading.CancellationToken cancellationToken)
mscorlib.dll!System.IO.Stream.CopyToAsync(System.IO.Stream destination)
IdentityServer3.dll!Owin.ConfigureHttpLoggingExtension.ConfigureHttpLogging.AnonymousMethod__0(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Owin.ConfigureHttpLoggingExtension.<<ConfigureHttpLogging>b__0>d__2>(ref Owin.ConfigureHttpLoggingExtension.<<ConfigureHttpLogging>b__0>d__2 stateMachine)
IdentityServer3.dll!Owin.ConfigureHttpLoggingExtension.ConfigureHttpLogging.AnonymousMethod__0(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__0(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
Microsoft.Owin.dll!Microsoft.Owin.Infrastructure.AppFuncTransition.Invoke(Microsoft.Owin.IOwinContext context)
Microsoft.Owin.Security.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Twitter.TwitterAuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Twitter.TwitterAuthenticationOptions>.<Invoke>d__0>(ref Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Twitter.TwitterAuthenticationOptions>.<Invoke>d__0 stateMachine)
Microsoft.Owin.Security.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Twitter.TwitterAuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
Microsoft.Owin.Security.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Google.GoogleOAuth2AuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Google.GoogleOAuth2AuthenticationOptions>.<Invoke>d__0>(ref Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Google.GoogleOAuth2AuthenticationOptions>.<Invoke>d__0 stateMachine)
Microsoft.Owin.Security.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Google.GoogleOAuth2AuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
Microsoft.Owin.dll!Microsoft.Owin.Infrastructure.OwinMiddlewareTransition.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__1()
IdentityServer3.dll!Owin.SignOutMessageCookieExtension.ConfigureSignOutMessageCookie.AnonymousMethod__0(Microsoft.Owin.IOwinContext context, System.Func<System.Threading.Tasks.Task> next)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Owin.SignOutMessageCookieExtension.<<ConfigureSignOutMessageCookie>b__0>d__5>(ref Owin.SignOutMessageCookieExtension.<<ConfigureSignOutMessageCookie>b__0>d__5 stateMachine)
IdentityServer3.dll!Owin.SignOutMessageCookieExtension.ConfigureSignOutMessageCookie.AnonymousMethod__0(Microsoft.Owin.IOwinContext context, System.Func<System.Threading.Tasks.Task> next)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__0(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__1()
IdentityServer3.dll!Owin.UseCookieAuthenticationExtension.ConfigureCookieAuthentication.AnonymousMethod__6(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Owin.UseCookieAuthenticationExtension.(ref Owin.UseCookieAuthenticationExtension.<>c__DisplayClass9.<<ConfigureCookieAuthentication>b__6>d__10 stateMachine)
IdentityServer3.dll!Owin.UseCookieAuthenticationExtension.ConfigureCookieAuthentication.AnonymousMethod__6(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__0(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Infrastructure.AppFuncTransition.Invoke(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.<Invoke>d__0>(ref Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.<Invoke>d__0 stateMachine)
IdentityServer3.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.<Invoke>d__0>(ref Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.<Invoke>d__0 stateMachine)
IdentityServer3.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.<Invoke>d__0>(ref Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.<Invoke>d__0 stateMachine)
IdentityServer3.dll!Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions>.Invoke(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Infrastructure.OwinMiddlewareTransition.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Cors.CorsMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Microsoft.Owin.Cors.CorsMiddleware.<Invoke>d__0>(ref Microsoft.Owin.Cors.CorsMiddleware.<Invoke>d__0 stateMachine)
IdentityServer3.dll!Microsoft.Owin.Cors.CorsMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__1()
IdentityServer3.dll!Owin.OwinExtensions.UseAutofacMiddleware.AnonymousMethod__0(Microsoft.Owin.IOwinContext context, System.Func<System.Threading.Tasks.Task> next)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Owin.OwinExtensions.(ref Owin.OwinExtensions.<>c__DisplayClass2.<<UseAutofacMiddleware>b__0>d__7 stateMachine)
IdentityServer3.dll!Owin.OwinExtensions.UseAutofacMiddleware.AnonymousMethod__0(Microsoft.Owin.IOwinContext context, System.Func<System.Threading.Tasks.Task> next)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__0(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__1()
IdentityServer3.dll!Owin.ConfigureRenderLoggedOutPageExtension.ConfigureRenderLoggedOutPage.AnonymousMethod__0(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Owin.ConfigureRenderLoggedOutPageExtension.<<ConfigureRenderLoggedOutPage>b__0>d__2>(ref Owin.ConfigureRenderLoggedOutPageExtension.<<ConfigureRenderLoggedOutPage>b__0>d__2 stateMachine)
IdentityServer3.dll!Owin.ConfigureRenderLoggedOutPageExtension.ConfigureRenderLoggedOutPage.AnonymousMethod__0(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__0(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__1()
IdentityServer3.dll!Owin.ConfigureRequestBodyBufferExtension.ConfigureRequestBodyBuffer.AnonymousMethod__0(Microsoft.Owin.IOwinContext context, System.Func<System.Threading.Tasks.Task> next)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Owin.ConfigureRequestBodyBufferExtension.<<ConfigureRequestBodyBuffer>b__0>d__2>(ref Owin.ConfigureRequestBodyBufferExtension.<<ConfigureRequestBodyBuffer>b__0>d__2 stateMachine)
IdentityServer3.dll!Owin.ConfigureRequestBodyBufferExtension.ConfigureRequestBodyBuffer.AnonymousMethod__0(Microsoft.Owin.IOwinContext context, System.Func<System.Threading.Tasks.Task> next)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__0(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__1()
IdentityServer3.dll!Owin.ConfigureIdentityServerIssuerExtension.ConfigureIdentityServerIssuer.AnonymousMethod__1(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Owin.ConfigureIdentityServerIssuerExtension.(ref Owin.ConfigureIdentityServerIssuerExtension.<>c__DisplayClass5.<<ConfigureIdentityServerIssuer>b__1>d__7 stateMachine)
IdentityServer3.dll!Owin.ConfigureIdentityServerIssuerExtension.ConfigureIdentityServerIssuer.AnonymousMethod__1(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__0(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__1()
IdentityServer3.dll!Owin.ConfigureIdentityServerBaseUrlExtension.ConfigureIdentityServerBaseUrl.AnonymousMethod__0(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Owin.ConfigureIdentityServerBaseUrlExtension.(ref Owin.ConfigureIdentityServerBaseUrlExtension.<>c__DisplayClass1.<<ConfigureIdentityServerBaseUrl>b__0>d__3 stateMachine)
IdentityServer3.dll!Owin.ConfigureIdentityServerBaseUrlExtension.ConfigureIdentityServerBaseUrl.AnonymousMethod__0(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__0(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__1()
IdentityServer3.dll!Owin.ConfigureRequestIdExtension.ConfigureRequestId.AnonymousMethod__0(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Owin.ConfigureRequestIdExtension.<<ConfigureRequestId>b__0>d__2>(ref Owin.ConfigureRequestIdExtension.<<ConfigureRequestId>b__0>d__2 stateMachine)
IdentityServer3.dll!Owin.ConfigureRequestIdExtension.ConfigureRequestId.AnonymousMethod__0(Microsoft.Owin.IOwinContext ctx, System.Func<System.Threading.Tasks.Task> next)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware..ctor.AnonymousMethod__0(Microsoft.Owin.IOwinContext context)
IdentityServer3.dll!Microsoft.Owin.Extensions.UseHandlerMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.StaticFiles.StaticFileMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.StaticFiles.DefaultFilesMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.StaticFiles.StaticFileMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!Microsoft.Owin.StaticFiles.DefaultFilesMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
IdentityServer3.dll!IdentityServer3.Core.Configuration.Hosting.RequireSslMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> env)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<IdentityServer3.Core.Configuration.Hosting.RequireSslMiddleware.<Invoke>d__0>(ref IdentityServer3.Core.Configuration.Hosting.RequireSslMiddleware.<Invoke>d__0 stateMachine)
IdentityServer3.dll!IdentityServer3.Core.Configuration.Hosting.RequireSslMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> env)
Microsoft.Owin.dll!Microsoft.Owin.Mapping.MapMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Microsoft.Owin.Mapping.MapMiddleware.<Invoke>d__0>(ref Microsoft.Owin.Mapping.MapMiddleware.<Invoke>d__0 stateMachine)
Microsoft.Owin.dll!Microsoft.Owin.Mapping.MapMiddleware.Invoke(System.Collections.Generic.IDictionary<string, object> environment)
Microsoft.Owin.Host.SystemWeb.dll!Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContextStage.RunApp(System.Func<System.Collections.Generic.IDictionary<string, object>, System.Threading.Tasks.Task> entryPoint, System.Collections.Generic.IDictionary<string, object> environment, System.Threading.Tasks.TaskCompletionSource<object> tcs, Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult result)
mscorlib.dll!System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContextStage.<RunApp>d__5>(ref Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContextStage.<RunApp>d__5 stateMachine)
Microsoft.Owin.Host.SystemWeb.dll!Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContextStage.RunApp(System.Func<System.Collections.Generic.IDictionary<string, object>, System.Threading.Tasks.Task> entryPoint, System.Collections.Generic.IDictionary<string, object> environment, System.Threading.Tasks.TaskCompletionSource<object> tcs, Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult result)
Microsoft.Owin.Host.SystemWeb.dll!Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContextStage.BeginEvent(object sender, System.EventArgs e, System.AsyncCallback cb, object extradata)
System.Web.dll!System.Web.HttpApplication.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.dll!System.Web.HttpApplication.ExecuteStep(System.Web.HttpApplication.IExecutionStep step, ref bool completedSynchronously)
System.Web.dll!System.Web.HttpApplication.PipelineStepManager.ResumeSteps(System.Exception error)
System.Web.dll!System.Web.HttpApplication.BeginProcessRequestNotification(System.Web.HttpContext context, System.AsyncCallback cb)
System.Web.dll!System.Web.HttpRuntime.ProcessRequestNotificationPrivate(System.Web.Hosting.IIS7WorkerRequest wr, System.Web.HttpContext context)
System.Web.dll!System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(System.IntPtr rootedObjectsPointer, System.IntPtr nativeRequestContext, System.IntPtr moduleData, int flags)
System.Web.dll!System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(System.IntPtr rootedObjectsPointer, System.IntPtr nativeRequestContext, System.IntPtr moduleData, int flags)
[AppDomain Transition]
private static void OnSendingHeaderCallback(object state)
{
AuthenticationHandler handler = (AuthenticationHandler)state;
handler.ApplyResponseAsync().Wait();
}
This happens because Twitter's ApplyResponseChallengeAsync is actually async, so the task in OnSendingHeaderCallback is actually async and blocks. This chokes on System.Web's sync context.
This only happens with IS3's logging enabled because they buffer, log, and flush the request body before the auth middleware has a chance to apply its challenge, so it tries to add the challenge in the OnSendingHeaderCallback.
https://github.com/IdentityServer/IdentityServer3/blob/93bc6bc9b536146b9e3fa0bed21d77283d07f788/source/Core/Configuration/AppBuilderExtensions/ConfigureHttpLoggingExtension.cs#L48
The write that triggered this was WriteAsync(byte[0], 0, 0);, there's no body. Not sure why CopyToAsync though it needed to call write.
Solutions:
- For ASP.NET Core OnSendingHeaderCallback is fully async, and there's no sync context, so there's no need to block/wait here. That's not a breaking change we can make to Microsoft.Owin though. (is it?)
- The IdentityServer logger does not need to copy the body if it's empty.
- Adding the buffering logger before the auth middleware in the pipeline should allow the auth middleware to complete and avoid triggering OnSendingHeaderCallback.
public void Configuration(IAppBuilder app)
{
app.Map("/identity", idsrvApp =>
{
idsrvApp.Use(async (ctx, next) =>
{
// await LogRequest(ctx.Request);
var oldStream = ctx.Response.Body;
var ms = new MemoryStream();
ctx.Response.Body = ms;
try
{
await next();
// await LogResponse(ctx.Response);
ctx.Response.Body = oldStream;
if (ms.Length > 0)
{
ms.Seek(0, SeekOrigin.Begin);
await ms.CopyToAsync(oldStream);
}
}
catch (Exception ex)
{
// Logger.DebugException("HTTP Response Exception", ex);
throw;
}
});
from aspnetkatana.
Tratcher
commented on July 30, 2024
@brockallen
When I copied ConfigureHttpLogging for debugging I found it was missing a Seek on the response body before CopyToAsync. It could also use a Length check. See above.
https://github.com/IdentityServer/IdentityServer3/blob/93bc6bc9b536146b9e3fa0bed21d77283d07f788/source/Core/Configuration/AppBuilderExtensions/ConfigureHttpLoggingExtension.cs#L48
from aspnetkatana.
brockallen
commented on July 30, 2024
Thanks. I opened an issue.
from aspnetkatana.
Tratcher
commented on July 30, 2024
Closing this issue. The core issue is the .Wait(); in OnSendingHeaders which has been fixed in Core but can't be fixed here without other significant breaks. The triggering issue lies in MemoryStream.CopyToAsync() and can most easily be worked around in IdentityServer.
from aspnetkatana.
Related Issues (20)
- .AspNet.Correlation cookie not found HOT 5
- AspNetKatana is on .Net 4.5 framework which is out of support and developer pack not present to build the application HOT 2
- Form POST data is lost when the user is redirected to the Identity provider. HOT 9
- How to debug OpenIdConnect authentication issues? HOT 12
- Could not load file or assembly Microsoft.Live.Base exception HOT 3
- Unauthorized error 401.0 for Asp.net mvc site with IIS anonymous authentication HOT 8
- /signin-oidc is not found HOT 7
- 'OwinStartupAttribute' is inaccessible due to its protection level HOT 3
- GetExternalLoginInfoAsync() return null for facebook only HOT 6
- Having vulnerabilities on Microsoft.Owin.Security.OpenIdConnect, 4.2.2 HOT 2
- ClockSkew Ignored by OAuthBearerAuthenticationHandler HOT 2
- Requests are run on IOCP threads by default in OwinHttpListener HOT 5
- Attempt to access method System.Management.Instrumentation.InstrumentedAttribute..ctor(System.String) in violation of security transparency rules failed. HOT 2
- Question: Why does the 4.2.2 package specifically require .NET Framework 4.5? HOT 2
- System.NullReferenceException: Object reference not set to an instance of an object HOT 9
- App redirects to different Auth Type refresh token URL. HOT 4
- Strange behavior on port 50000 for Owin self hosting.... HOT 8
- OpenIdConnectProtocolValidator cannot validate state HOT 4
- Should OIDC middleware be refreshing a `code id_token` when close to expiry? HOT 3
- Session in ASP.NET WebForm is cleared after authenticated by Entra ID with CookieAuthentication and WsFederationAuthentication HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aspnetkatana.