Azure Authentication “No player id” - Focused Troubleshooting

Issue Analysis

Since database persistence works (settings survive logout/login), the issue is specifically with authentication claim retrieval in the Azure environment.

Debugging Steps

Step 1: Test Authentication Components

Visit these endpoints to isolate the issue:

Test Principal Creation (No Login Required)

GET /debug/test-auth

Expected Response:

{
  "success": true,
  "userId": 1,
  "userName": "Admin",
  "principalUid": "1",
  "principalName": "Admin",
  "isAuthenticated": true,
  "allClaims": [
    {"type": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", "value": "Admin"},
    {"type": "uid", "value": "1"},
    {"type": "http://schemas.microsoft.com/ws/2008/06/identity/claims/role", "value": "Admin"}
  ]
}

Check Current Authentication State

GET /debug/auth-info

Expected Response (after login):

{
  "isAuthenticated": true,
  "name": "Admin",
  "uidClaim": "1"
}

Step 2: Monitor Login Flow

Check application logs during login for these messages:

Successful Login Flow:

Login debug: Authentication successful for user 'Admin' (ID: 1)
BuildPrincipal debug: Building principal for user 'Admin' (ID: 1)
BuildPrincipal debug: Claims created:
  - http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name: Admin
  - uid: 1
  - http://schemas.microsoft.com/ws/2008/06/identity/claims/role: Admin
BuildPrincipal debug: Authentication type: Cookies
BuildPrincipal debug: IsAuthenticated: True
BuildPrincipal debug: Principal name: Admin
Login debug: About to sign in principal
Cookie signing in: Admin
Cookie signed in: Admin
Login debug: Sign-in completed for user 'Admin'

Problem Indicators:

Login debug: Authentication failed for user 'Admin'
BuildPrincipal debug: Principal name: (null)
GetCurrentUserId debug: UID claim value: ''

Step 3: Test Password Change After Login

After successful login, attempt password change and check for:

Expected Debug Messages:

GetCurrentUserId debug: Successfully parsed UID: 1
PIN change debug: Changing PIN for user 'Admin' (ID: 1)
PIN change debug: Current PIN valid: True
PIN change debug: Database save completed. Changes saved: 1
PIN change debug: Current PIN valid: True, New PIN valid after save: True

Common Azure Authentication Issues

Symptoms:

  • Login appears successful but /debug/auth-info shows isAuthenticated: false
  • User gets redirected to login immediately after successful login

Azure-Specific Causes:

  • HTTPS/HTTPS cookie mismatch
  • Invalid cookie domain settings
  • Load balancer cookie handling

Solutions:

  1. Verify HTTPS: Ensure Azure App Service has HTTPS enabled
  2. Check Cookie Settings: Verify CookieSecurePolicy.Always is appropriate
  3. Clear Browser Cookies: Stale cookies can cause issues

Symptoms:

  • isAuthenticated: true but uidClaim: null
  • User appears logged in but claims are missing

Azure-Specific Causes:

  • Cookie size limitations
  • Claim serialization issues
  • Data protection key persistence

Solutions:

  1. Check Data Protection Keys: Ensure keys persist across app restarts
  2. Verify Claim Creation: Use /debug/test-auth to confirm claims are created correctly
  3. Monitor Cookie Size: Large claims may be truncated

Issue 3: SignalR Authentication Issues

Symptoms:

  • Authentication works on initial page load but fails on SignalR connections
  • Blazor components can’t access user claims

Azure-Specific Causes:

  • SignalR hub authentication differs from page authentication
  • Cookie access token issues

Solutions:

  1. Check HttpContext Access: Verify HttpContextAccessor works correctly
  2. Test SignalR Authentication: Monitor hub connection logs
  3. Verify Component Initialization: Check if user ID is available during component init

Quick Diagnostic Commands

Test All Authentication Components

# 1. Test principal creation
curl https://your-app.azurewebsites.net/debug/test-auth

# 2. Test database connectivity  
curl https://your-app.azurewebsites.net/health/db

# 3. Login manually (check browser network tab)
POST /auth/login with name=Admin&pin=1371

# 4. Check authentication state after login
curl https://your-app.azurewebsites.net/debug/auth-info

Monitor Logs in Real-Time

# Azure CLI
az webapp log tail --resource-group YourResourceGroup --name YourAppService

# Or via Azure Portal: Log Stream

Expected vs Actual Behavior Comparison

Expected Working Flow:

  1. /debug/test-auth shows successful principal creation
  2. ✅ Login completes without errors
  3. /debug/auth-info shows isAuthenticated: true and uidClaim: "1"
  4. ✅ Password change shows “PIN changed” message
  5. ✅ Debug logs show successful user ID retrieval

Problem Indicators:

  1. /debug/test-auth fails → Database or user lookup issue
  2. ❌ Login fails → Authentication validation issue
  3. /debug/auth-info shows isAuthenticated: false → Cookie persistence issue
  4. /debug/auth-info shows uidClaim: null → Claim creation/persistence issue
  5. ❌ Password change shows “No player id” → Claim retrieval issue

Immediate Actions to Try

1. Restart App Service

az webapp restart --resource-group YourResourceGroup --name YourAppService

2. Clear Browser Data

  • Clear all cookies for the domain
  • Clear browser cache
  • Try in incognito/private mode

3. Test with Different Browser

  • Rule out browser-specific cookie issues
  • Test authentication flow end-to-end

4. Check Application Settings

Ensure these are set in Azure App Service:

  • ASPNETCORE_ENVIRONMENT = Production
  • HTTPS is enabled and enforced
  • No conflicting authentication settings

Implementation Status: ✅ DEBUGGING ENHANCED

All debugging capabilities are now in place:

  • ✅ Enhanced principal creation logging
  • ✅ Login flow debugging
  • ✅ Authentication state diagnostics
  • ✅ Test endpoints for component isolation
  • ✅ Comprehensive troubleshooting guide

Next Step: Deploy these debugging enhancements and run the diagnostic steps to identify the exact point of failure in the Azure authentication flow.

📚 ← Back to Project Documentation

?? ? Back to Project Documentation