Blazor RemoteAuthenticatorView stuck in "Completing login..." after "No matching state found" error

[Jimmys20]

Is there an existing issue for this?

• I have searched the existing issues

Describe the bug

Hello I have a Blazor WASM application that implements OIDC authentication using authentication library. I'm having a problem when users return back to the previous login URL by pressing the browser back button. This issue is described in more detail here: DuendeArchive/identity-model-oidc-client-js#940. Doing some debugging I noticed that indeed I'm getting a "No matching state found in storage" error from Microsoft.AspNetCore.Components.WebAssembly.Authentication/AuthenticationService.js.

This is expected behavior because the state is deleted from storage after successful login. What I would like to ask is a way to better handle this error. Right now it gets stuck Completing login... without showing any error to the user or the browser console. I would expect RemoteAuthenticatorView to switch to the LogInFailed RenderFragment and show the error that occurred.

What is the best way to handle this error?

Expected Behavior

No response

Steps To Reproduce

No response

Exceptions (if any)

No response

.NET Version

No response

Anything else?

No response

[javiercn]

@Jimmys20 thanks for contacting us.

Can you describe the sequence of pages you visit/actions you perform as part of the flow?

[Jimmys20]

Sure, https://localhost:3375/ is the Blazor WASM application and https://localhost:3371/ is the OIDC provider (IdentityServer 4) and authorization code flow is implemented between them.

1. User visits https://localhost:3375
2. User is not authenticated so he gets redirected to the Authentication.razor page (NavigationManager.NavigateToLogin($"authentication/login");).
3. Authentication.razor starts the the login process and redirects the user to the Identity Provider. https://localhost:3371/Account/Login?ReturnUrl=...
4. User enters credentials, submits login form and gets redirected back to https://localhost:3375/authentication/login-callback?code=...
5. Authentication.razor completes the login process successfully and redirects the user to https://localhost:3375 (Index.razor).
6. Now the user presses the browser back button and goes back to the Identity Provider https://localhost:3371/Account/Login?ReturnUrl=....
7. Submits login form second time and is redirected to https://localhost:3375/authentication/login-callback?code=...
8. Authentication.razor tries to process login callback but gets stuck on Completing login... because "No matching state found in storage" occurs.

We've moved this issue to the Backlog milestone. This means that it is not going to be worked on for the coming release. We will reassess the backlog following the current release and consider this item at that time. To learn more about our issue management process and to have better expectation regarding different types of issues you can read our Triage Process.

[DigitalSauce]

Is there any workaround here?