doesn't seem to allow login (either local or via google)

[pracplayopen]

after cloning and running server and client as specified (dotnet run in server; npm install && npm run dev in client), receive a login screen as expected but it hangs (google) or errors (local bob/bob, alice/alice accounts) upon login:

here are errors in console from both attempts:

[OidcServiceWorker] service worker installed 1698479562
OidcServiceWorker.js:264 [OidcServiceWorker] service worker activated 1698479562
The FetchEvent for "https://localhost:5001/api/stuff" resulted in a network error response: the promise was rejected.
OidcServiceWorker.js:339     Uncaught (in promise) TypeError: Failed to fetch
    at handleFetch (OidcServiceWorker.js:339:23)
client.ts:18 [vite] connecting...
client.ts:150 [vite] connected.
index.js:438 state not found in service worker, using sessionStorage
getStateAsync @ index.js:438
index.js:833 Error: state not valid (expected: null, received: fY48JT7iDZJSLmz2)
    at index.js:804:13
    at async t (index.js:1045:17)
    at async Ye (index.js:908:48)
(anonymous) @ index.js:833
Show 1 more frame
Show less
index.js:804 Uncaught (in promise) Error: state not valid (expected: null, received: fY48JT7iDZJSLmz2)
    at index.js:804:13
    at async t (index.js:1045:17)
    at async Ye (index.js:908:48)

here's how it appears (google auth):

here's error when logging in via bob/bob or alice/alice locally:

Network Error
{
	"accessToken": "ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER_default",
	"expiresIn": 75,
	"idToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjlBNkIyOTEwRDYyQ0UwMzc5RjNCREI1MjBBNTc1RTIyIiwidHlwIjoiSldUIn0.eyJpc3MiOiJodHRwczovL2RlbW8uZHVlbmRlc29mdHdhcmUuY29tIiwibmJmIjoxNjk4NDc5OTQxLCJpYXQiOjE2OTg0Nzk5NDEsImV4cCI6MTY5ODQ4MDI0MSwiYXVkIjoiaW50ZXJhY3RpdmUucHVibGljLnNob3J0IiwiYW1yIjpbInB3ZCJdLCJhdF9oYXNoIjoiZW8yTnNkaDQ0b3BlTXpiak5lQ2lIdyIsInNpZCI6IjBGQzQ1MkNDRkQ1NUZCMENCMjc0MjI4MEM3RTM5OEYyIiwic3ViIjoiMiIsImF1dGhfdGltZSI6MTY5ODQ3OTU4MSwiaWRwIjoibG9jYWwifQ.jT8ncBb_NNXN39BBU5JJfr3LhzaL2LyeZRfm3xtHp3dBTOSL9zvmRZ086kkI3zIAxQevxtBae4i0ffJQkR1MAZlJtbnl9w6fp7tiTbNGB6jj0gyzr89ipjpSilHbzwjH1j2uo8J9lK-t6hNVGEG-eAJX42Xz1HoA35AYwuXDjPJhu9h40PMOVaLj8fA9CGz05mTDiM3Zs2XuSUbe0N1sG81zq_X4YJQMs2rx3qZaxrWcsJPw9AWVvHvRqhq7D_39wuPbaPYEmma__H77rUSwxSv64eCm4NbhgW6lmFhTEGPT4aNE7xjWfg0PiT_-FYqFaMSWrBYm3WrCZ9HIo_uEJw",
	"scope": "openid profile email api offline_access",
	"tokenType": "Bearer",
	"issuedAt": 1698479941.461,
	"refreshToken": "REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER_default",
	"accessTokenPayload": {
		"iss": "https://demo.duendesoftware.com",
		"nbf": 1698479941,
		"iat": 1698479941,
		"exp": 1698480016,
		"aud": "api",
		"scope": [
			"openid",
			"profile",
			"email",
			"api",
			"offline_access"
		],
		"amr": [
			"pwd"
		],
		"client_id": "interactive.public.short",
		"sub": "2",
		"auth_time": 1698479581,
		"idp": "local",
		"name": "Bob Smith",
		"email": "BobSmith@email.com",
		"sid": "0FC452CCFD55FB0CB2742280C7E398F2",
		"jti": "C978DDD35C819026406C608A26941117"
	},
	"idTokenPayload": {
		"iss": "https://demo.duendesoftware.com",
		"nbf": 1698479941,
		"iat": 1698479941,
		"exp": 1698480241,
		"aud": "interactive.public.short",
		"amr": [
			"pwd"
		],
		"at_hash": "eo2Nsdh44opeMzbjNeCiHw",
		"sid": "0FC452CCFD55FB0CB2742280C7E398F2",
		"sub": "2",
		"auth_time": 1698479581,
		"idp": "local"
	},
	"expiresAt": 1698480016
}

[ludojmj]

Hi,
As far as the server is concerned, you must register the HTTPS local domain first because the certifcate is self-signed.
After "dotnet run" in Server, browse: https://localhost:5001/health (or https://localhost:5001/swagger, whichever).
Accept the danger and then the client website will be able to talk to the httpS server.

More details in Troubleshooting section:
Network Error

[pracplayopen]

appreciate the quick response thx.

your troubleshooting section for this error is recommending what has already been done (starting server before client, which was mentioned in original issue above).

you're also mentioning steps in the 'your connection is not private' error, which is not an error being encountered here.

however, for benefit of the doubt i tried to attempt these fixes going to https://localhost:5001/swagger/index.html
this works, i see a lot of endpoints for both 'Stuff' and 'User'. (see screenshot below)

however there is no advanced setting button here (to me this sounds like the 'advanced settings' option when chrome complains about a certificate and allows you to proceed... but we're not seeing such an error here as i have mentioned).

here's what the swagger ui looks like at the above url:

this issue is important because here we're simply trying to run your repo as is, from the instructions w/no modifications.
these are the errors and information seeing.

[ludojmj]

OK.

I don't know how Chrome shares self-signed server certificate for other clients usage.
(I'll do some research to figure out though).

On Firefox, when you accept the danger to register a self-signed certificate, the certificate is really registered.
Chrome's got a more restrictive security since it happens not to be efficient.

I'm going to look into how to make Chrome working as soon as possible (but I'm not a Chrome's fan).

[pracplayopen]

the screenshots have images of what the chrome icon looks like.
it is recognizing its not a valid cert but also not preventing anything happening with the website.
the error posted is in the browser window. very few results in google (even for stems of error)
Chromium Version 118.0.5993.88 (Official Build) for Linux Mint (64-bit)

if you want us to test something else that's ok
here were a couple of steps beyond finding your project tho fwiw

really appreciate your efforts and diligence
will serve you well

[ludojmj]

Here are two solutions that work for me (taken from the stackoverflow link above).

In a terminal:

• Either this (permanent):
  (You'll probably have to close and reopen your browser after having run this command)

certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n <nickname> -i <your_exported_localhost_certificate>

• Or this (temporary):
  (Replace chromium by your actual Chrome launcher: chromium-browser, google-chrome, ...)

chromium --ignore-certificate-errors

[pracplayopen]

we get exact same errors w/firefox (this is local auth w/bob/bob):

[ludojmj]

Can you please share the messages logged in Firefox console (press F12 and open "console" and "network" tabs to grab infos) for both uris:

• http://localhost:5173 (and not :3000, my bad)

• https://localhost:5001/health

(And don't forget to have a browse at the Troubleshooting section in README.md: I mainly dealt with Firefox issues).

[pracplayopen]

there doesn't appear to be a server at port 3000. again recall this is the your code from this build in github. nothing has been modified.

dotnet command shows it's running at 5000/5001. npm shows running at 5173.

so your first request doesn't make sense (nothing running, console is empty)

your 2nd request reports "healthy" and console shows a 404 for favicon:

GET
https://localhost:5001/favicon.ico
[HTTP/2 404  13ms]

	
GET
	https://localhost:5001/favicon.ico
Status
404
VersionHTTP/2
Transferred473 B (0 B size)
Referrer Policyno-referrer
DNS ResolutionSystem

    	
    content-length
    	0
    content-security-policy
    	frame-ancestors 'self'
    date
    	Mon, 30 Oct 2023 23:08:00 GMT
    permissions-policy
    	accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
    referrer-policy
    	no-referrer
    request-context
    	appId=
    server
    	Kestrel
    x-content-type-options
    	nosniff
    X-Firefox-Spdy
    	h2
    x-frame-options
    	SAMEORIGIN
    x-ua-compatible
    	IE=Edge,chrome=1
    x-xss-protection
    	1; mode=block
    	
    Accept
    	image/avif,image/webp,*/*
    Accept-Encoding
    	gzip, deflate, br
    Accept-Language
    	en-US,en;q=0.5
    Connection
    	keep-alive
    Cookie
    	_ga=GA1.1.1495172059.1650562388; cookieaccepted=1
    Host
    	localhost:5001
    Sec-Fetch-Dest
    	image
    Sec-Fetch-Mode
    	no-cors
    Sec-Fetch-Site
    	same-origin
    TE
    	trailers
    User-Agent
    	Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0

going to close this issue as we just built this from scratch and it worked using out of box stuff.
so no need to continue to try to troubleshoot from our side.

good luck w/your project.