Blazor Server App with Azure B2C authentication throws exception on back navigation

Question

I have implemented a Blazor Server App project that uses Azure B2C for authentication and authorization.

The problem is that when I navigate to the app from Google chrome and then navigate to the previous page the browser, Google chrome behaves different than Firefox. Firefox navigates back without errors but Google chrome redirects me to this page

I also checked my application logs and I found the below unhandled exception

warn: Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler[15] '.AspNetCore.Correlation.k3N-jORFKYdELX1dInIv2C_hsBx7-R0tox2Ctj9zUtc' cookie not found.

My Azure B2C configuration on Program.cs is

builder.Services.AddMicrosoftIdentityWebAppAuthentication(builder.Configuration, "AzureAdB2C")
                .EnableTokenAcquisitionToCallDownstreamApi(new string[] { builder.Configuration["TodoList:TodoListScope"] })
                .AddDistributedTokenCaches();

How can I handle this error ?

Thanks in advance.

Answer 1

Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler[15] '.AspNetCore.Correlation.k3N-"<------->' cookie not found.

This error occurs that change in Chrome's cookie-handling behaviour while using Chrome against localhost.

In chrome developer tools the cookie's SameSite value may be set to "None" and it is not secure this may cause Correlation cookie was removed by the browser

In Startup.cs > ConfigureServices method: you need to add the

app.UseCookiePolicy(new CookiePolicyOptions
{
    Secure = CookieSecurePolicy.Always
});

And also has another option for same-site process you need to use SameSiteMode.Lax

app.UseCookiePolicy(new CookiePolicyOptions()
{
    MinimumSameSitePolicy = SameSiteMode.Lax
});

Reference: c# - Correlation failed in net.core / asp.net identity / openid connect - Stack Overflow